|
||||||||
Hi, Are you using a wireless access point to run everyone through captive portal or are they all wired in via Ethernet port? Thanks, Michael Mohammed Ismail wrote: > I have been using m0n0 wall since 2006 and till now it is relay the best, providing me high stability and hardware cost effective. > turning 200 MHZ PC into an advanced Router. > > now adays i faced a problem, spoofing wrong MAC > my LAN ip is > 192.168.1.1 MAC 00:23:34:43:f4:b1 > so when i type arp -a in command under windows xp from any client PC i should get the right mac i get for instade for example > 192.168.1.1 wr:on:g:ma:ca:dd > now the trojan give wrong MAC > also in ARP cache on m0n0wall i get all MAC addresses of the client are the same!!! > like this>> > 192.168.10.105 00:16:17:ec:9f:b8 > 192.168.10.29 00:16:17:ec:9f:b8 > 192.168.10.34 00:16:17:ec:9f:b8 192.168.10.60 00:16:17:ec:9f:b8 > > so in captive portal i must check on , disable MAC filtering , so thoes clients get internet connectivity, > > there are some applecations that uses winpcap and make statice arp entire on the infected pc > keep telling my mac is xx:xx:xx:xx:xx:xx and keep Gateway Mac as static entry in arp table in windows xp > > sorry for long explainning of the problem, > now is it possible that i make m0n0wall keep telling clients that M0n0 IP is 192.168.1.1 and MAC is 00:23:34:43:f4:b1 > > so it is added in arp table of the client machine as static entery , or keep sending this arp packet every 1 sec to prevent spoofing of m0n0 mac > this also will provide security from spoofing. > > Note: i am useing 1.3b10 > and i have this problem in 7 networks that i dont have easy access to client PCs > so i need a remote solution. if possible > > best regards > Mohammed Abd El Wadoud > Account Manager > Sharm El Sheikh > m dash ismail at link dot net > +20105337746 > > |