I have been using m0n0 wall since 2006 and till now it is relay the best, providing me high
stability and hardware cost effective.
turning 200 MHZ PC into an advanced Router.
now adays i faced a problem, spoofing wrong MAC
my LAN ip is > 192.168.1.1 MAC 00:23:34:43:f4:b1
so when i type arp -a in command under windows xp from any client PC i should get the right mac i
get for instade for example
now the trojan give wrong MAC
also in ARP cache on m0n0wall i get all MAC addresses of the client are the same!!!
192.168.10.34 00:16:17:ec:9f:b8 192.168.10.60 00:16:17:ec:9f:b8
so in captive portal i must check on , disable MAC filtering , so thoes clients get internet
there are some applecations that uses winpcap and make statice arp entire on the infected pc
keep telling my mac is xx:xx:xx:xx:xx:xx and keep Gateway Mac as static entry in arp table in
sorry for long explainning of the problem,
now is it possible that i make m0n0wall keep telling clients that M0n0 IP is 192.168.1.1 and MAC is
so it is added in arp table of the client machine as static entery , or keep sending this arp packet
every 1 sec to prevent spoofing of m0n0 mac
this also will provide security from spoofing.
Note: i am useing 1.3b10
and i have this problem in 7 networks that i dont have easy access to client PCs
so i need a remote solution. if possible
Mohammed Abd El Wadoud
Sharm El Sheikh
m dash ismail at link dot net