Just curious about the behavior of ARP Spoofing and thinking out loud here...
If ARP Spoofing is the main technique used in redirecting all my LAN traffic and "tricking" endpoints that the Firewalla box is my router/gateway when it's really not, imply my home router is not secure to begin with? Aren't there measures that a modern router (even a consumer-grade router such as my Orbi CBR40) would be able to detect ARP poisoning and try to prevent it or at least notify my admin console of this behavior? Doesn't my router now see only traffic from the Firewalla MAC address? Isn't that suspicious?
Please sign in to leave a comment.