Mohammed Ismail wrote:
> You miss the point they do it on regular Switched Ethernet
> Just the cheapest switches, and clients are not seeing each other.
> I really cannot change from m0n0wall, I am already using it for more than 2
> years, and my clients are satisfied with fascinating easy web interface,
> I might migrate to pfsense, but nothing really much there, I look to
> m0n0wall as the standard for me all what I need is in one small image,
> In other way, I believe there will be a solution or semi-solution on
> m0n0wall.
I can not see how this would happen, but I can see how it would appear
to happen. If arp poisoning mtm is well done, you do not notice. And
you can harden systems to avoid it, including m0n0wall. But if you do
not have control of the end users (like I do not in the hotels I provide
service in) you can not protect them unless you have good managed
switches. It also makes troubleshooting easy, as you can look at arp
tables throughout the network and find out where the scammer is hiding!
And I have enjoyed this. It never hurts to think a bit more in depth
about security. Feel free to ask more!
Lee
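
The ARP-table comparison described in the message above, as an added example that is not part of the original thread: it reads `arp -an` output collected from several vantage points and reports IPs that resolve to different MACs depending on where you look, plus MACs that answer for more than one IP in a single table. The vantage names, addresses and MACs are constructed sample data, and the `arp -an` line format is an assumption about what the hosts print.

```python
import re
from collections import defaultdict

# Matches BSD-, Linux- and macOS-style `arp -an` lines, e.g.
# "? (192.168.1.1) at 00:0d:b9:aa:bb:01 on em0 [ethernet]"
ARP_LINE = re.compile(
    r"\((\d{1,3}(?:\.\d{1,3}){3})\) at ((?:[0-9a-f]{1,2}:){5}[0-9a-f]{1,2})", re.I)

def norm_mac(mac):
    # Some systems print "0:d:b9:..." without leading zeros; pad each octet.
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))

def parse_arp(text):
    """Return {ip: mac} for one table; '(incomplete)' entries do not match."""
    return {ip: norm_mac(mac) for ip, mac in ARP_LINE.findall(text)}

def find_conflicts(tables):
    """tables: {vantage_name: raw `arp -an` text} -> (disputed, shared)."""
    seen = defaultdict(lambda: defaultdict(list))  # ip -> mac -> [vantages]
    shared = {}                                    # (vantage, mac) -> [ips]
    for vantage, text in tables.items():
        by_mac = defaultdict(list)
        for ip, mac in parse_arp(text).items():
            seen[ip][mac].append(vantage)
            by_mac[mac].append(ip)
        for mac, ips in by_mac.items():
            if len(ips) > 1:  # can be legitimate (IP aliases, proxy ARP)
                shared[(vantage, mac)] = sorted(ips)
    # An IP with two different MACs across the network is the stronger signal.
    disputed = {ip: dict(macs) for ip, macs in seen.items() if len(macs) > 1}
    return disputed, shared

# Constructed sample: room-204 sees the gateway at the same MAC as 192.168.1.57.
SAMPLE = {
    "m0n0wall": "? (192.168.1.57) at 00:16:3e:de:ad:57 on sis0 [ethernet]\n"
                "? (192.168.1.204) at 00:1c:23:00:02:04 on sis0 [ethernet]\n",
    "room-204": "? (192.168.1.1) at 00:16:3e:de:ad:57 [ether] on eth0\n"
                "? (192.168.1.57) at 00:16:3e:de:ad:57 [ether] on eth0\n",
    "room-310": "? (192.168.1.1) at 0:d:b9:aa:bb:1 on en0 ifscope [ethernet]\n",
}

if __name__ == "__main__":
    disputed, shared = find_conflicts(SAMPLE)
    for ip, macs in disputed.items():
        print(f"{ip} resolves differently by vantage: {macs}")
    for (vantage, mac), ips in shared.items():
        print(f"{vantage}: {mac} answers for {ips}")
```

On a managed switch, the flagged MAC can then be looked up in the switch's MAC address table to find the port it sits behind.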