All of a sudden - seeing a new thing on Comodo logs -
if my PC LAN IP is 192.168.0.XXX, log shows incoming ARP from myself (i.e.192.168.0.XXX) to 0.0.0.0
This should show as outgoing - why is this showing as incoming?
am I ARPing myself or is someone forging packets via MITM attacks.
I’m on shared network.
Just want to know whats happening, its risk implications and how to mitigate - screens shared.
BTW, as said before COMODO CIS needs an ARP protection overhaul - I still get disconnected via ARP attacks every now & then inspite of ARP protection enabled.