Block Gratuitous ARP frames?

I did some search on google and found this:

Gratuitious ARP frames are important as they update your machine's ARP cache whenever there is a change to another machine on the network (for example, if a network card is replaced in a machine on the network, then a gratuitous ARP frame will inform your machine of this change and request to update your ARP cache so that data can be correctly routed).

If they are important, why block them? If the above senario occurs, how will I be informed about the change?

I tried to find more about gratuitous ARP frames, but didn’t come up with sth other that by blocking them it protects you from malicius updates, which I don’t understand as the replacement of a network card isn’t very malicius :stuck_out_tongue:

I guess I should have Protect the ARP cache and block gratuitous ARP frames enabled, but for the second I can’t figure out why yet.

Thank u!

Google “arp cache poisoning” to see what this is all about.

Thanx for you reply, I allready did that and understood why I should enable “Protect ARP cache”.

But I don’t understand how it is combined with “block gratuitous ARP frames”.
Doesn’t matter though, I’m gonna use it anyway, just wanted to extend my knowledge :-TU

so are you recommending blocking gratuitous arp frames?

I don’t do it, but under some attack conditions this will help you work through it.