|
||||||||
I have been using m0n0 wall since 2006 and till now it is relay the best, providing me high stability and hardware cost effective. turning 200 MHZ PC into an advanced Router. now adays i faced a problem, spoofing wrong MAC my LAN ip is > 192.168.1.1 MAC 00:23:34:43:f4:b1 so when i type arp -a in command under windows xp from any client PC i should get the right mac i get for instade for example 192.168.1.1 wr:on:g:ma:ca:dd now the trojan give wrong MAC also in ARP cache on m0n0wall i get all MAC addresses of the client are the same!!! like this>> 192.168.10.105 00:16:17:ec:9f:b8 192.168.10.29 00:16:17:ec:9f:b8 192.168.10.34 00:16:17:ec:9f:b8 192.168.10.60 00:16:17:ec:9f:b8 so in captive portal i must check on , disable MAC filtering , so thoes clients get internet connectivity, there are some applecations that uses winpcap and make statice arp entire on the infected pc keep telling my mac is xx:xx:xx:xx:xx:xx and keep Gateway Mac as static entry in arp table in windows xp sorry for long explainning of the problem, now is it possible that i make m0n0wall keep telling clients that M0n0 IP is 192.168.1.1 and MAC is 00:23:34:43:f4:b1 so it is added in arp table of the client machine as static entery , or keep sending this arp packet every 1 sec to prevent spoofing of m0n0 mac this also will provide security from spoofing. Note: i am useing 1.3b10 and i have this problem in 7 networks that i dont have easy access to client PCs so i need a remote solution. if possible best regards Mohammed Abd El Wadoud Account Manager Sharm El Sheikh m dash ismail at link dot net +20105337746 |