Protecting agains ARP Spoofing (or sniffing in general)

ponury · **Joined:** Thu Jun 02, 2011 6:15 pm **Posts:** 280

Not everyone could know how to protect yourself against these types of attack. So here's the basic ideas:

don't use public WiFi (100% reliability)
create and use VPN (100% reliability)
use HTTPS whenever possible
use some smart firewall (this is not 100% safe)
if you're a sysadmin - use WPA Enterprise

Don't know if there's any browser plugins that would do it for you.

securing facebook
1. Click on Account and choose "Account Settings"

Attachment:

1.jpg [ 14.68 KiB | Viewed 16241 times ]

2. Click "change" next to "Account Security"

Attachment:

2.jpg [ 4.27 KiB | Viewed 16241 times ]

3. Tick the box on the left of "Browse Faceboo on a secure connection (https) whenever possible

Attachment:

3.jpg [ 15.15 KiB | Viewed 16241 times ]

If you have any other ideas please post them here.

Always make sure you're using SSL!

GingerPaul55 · **Posted:** Sun Jun 05, 2011 9:59 pm

A few other things;

1) Up to date router. Force apps like this to use stealth mode
2) Use static ARP tables if you are really paranoid
3) And if you want to go all out a top notch IDS system

You covered most of it but I hope this helps someone

GingerPaul

zakazak · **Joined:** Fri Jun 03, 2011 7:41 am **Posts:** 10

for extensions: in firefox use https-everywhere & https-finder

it will notify you everytime if there is a https version available and then uses it automatically.

I wonder if comodo free firewall (with HIPS+ enabled) is any good against ARP spoofing

In Stiches · **Joined:** Mon Jun 06, 2011 9:28 pm **Posts:** 13

https-everywhere is not compatible with Firefox 5
https-finder is compatible with Firefox 5

zakazak · **Joined:** Fri Jun 03, 2011 7:41 am **Posts:** 10

i use both on FF 5.0 ?

Protecting agains ARP Spoofing (or sniffing in general)

Who is online