plz improve CIS v6's ARP attack defense

e3lagh · November 23, 2012, 4:03am

i am a China user.
In my place, has many Immorality’s people use some ARP attack tools to attack other people…
CIS v5 can’t perfectly defense the attack.
As far as I know to defend against such attacks must be “The initiative to send ARP RIGHT DATA PACKET” to Router

can CIS v6 add the x/minutes send right data packet to router in the Chinese version in the cis v6 release.

clockwork · November 23, 2012, 8:29am

Did you try the
firewall > settings of the behaviour of the firewall > advanced > protect ARP cache + discard unrequested ARP fragments?
And the other settings there?

mimi110 · November 23, 2012, 9:02am

it is no use in china >:-D

e3lagh · November 23, 2012, 9:59am

#2 says right, it’s not use in China.
China has many tools , I take an example,
the Attack tools can sends to the router 50 error ARP data packet in 1 minutes.
So Although I opened Comodo ARP defense, I still can’t normal to access the internet.
Download speed reduced 500KB/S to 5KB/S

so I very hope comodo V6 can improve the ARP attack defense to adapting the China’s situation.
At least can be automatically binding current IP address and gateway IP address.
AND
Can ability to customize every second send to the router or switch how much of RIGHT ARP data packet
offset the using attack tools people sending’s wrong data packet

rhgtyink · November 23, 2012, 11:31am

IPv6 no longer uses ‘ARP’ so your either testing the wrong thing or are confused and are attacked by IPv6 tricks.

In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP).
Source: http://en.wikipedia.org/wiki/Address_Resolution_Protocol

e3lagh · November 23, 2012, 1:28pm

Please try to take care of people still use IPv4

rhgtyink · November 24, 2012, 3:11pm

I think I misread and confused CISv6 with IPv6.
Can you please explain in step-by-step description what you are testing and how CIS is failing to protect your ARP cache on your system?

e3lagh · November 25, 2012, 10:42am

The FW inside all ARP protection options are open, and then, I open the ARP attack software in LAN another machine, then my machine download speed from 500KB / s to 5kb / s

if you want, i can provide the ARP attack software, but the software has only Chinese language version,So …

rhgtyink · November 27, 2012, 11:14am

Please send me the link to the software and a screenshot showing what to put where to ‘reproduce’ this issue.