Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

ARP Spoofing

Follow
Avatar
"Stormy D"

Just curious about the behavior of ARP Spoofing and thinking out loud here...

 

If ARP Spoofing is the main technique used in redirecting all my LAN traffic and "tricking" endpoints that the Firewalla box is my router/gateway when it's really not, imply my home router is not secure to begin with? Aren't there measures that a modern router (even a consumer-grade router such as my Orbi CBR40) would be able to detect ARP poisoning and try to prevent it or at least notify my admin console of this behavior? Doesn't my router now see only traffic from the Firewalla MAC address? Isn't that suspicious?

 

Thank you

0

Comments

2 comments

Sort by Date Votes
  • Avatar
    Topher

    Keeping in-mind the technology behind these types of devices and how they came into existence, yes there's going to be some level of suspiciousness involved but that aspect is mainly from the "ease of use" for the average consumer (home users in this case) to plug-and-play. 

    You'd think modern routers had this basic ability or counter measures but they do not. I was blow away how easy Firewalla was to integrate during my initial experience. Upon plugging it in, it took over and became authoritative (in simple mode) and I was none the wiser. Most home users have the same router they were initially provided during signup with their ISP (years prior) thus the reason there is a need for such a product.

    I have integrated the blue on a number of different routers and 6 out of 8 worked immediately in simple mode. My new home router, still provided by ISP but recently changed out for "tech refresh", prevented Firewalla working in simple mode which required me to utilize DHCP mode. 

    Service providers, ISPs, router & IOT manufacturers don't want the burden of costly support which can be avoided by removing road blocks to usage (such as security). For users willing to purchase their own Orbi's then perhaps not as much of a need

    1
    Comment actions Permalink
  • Avatar
    Braedach

    Topher,

    I have noticed via wireshark that the ARP traffic has increased significantly due to how Firewalla works.

    Im considering switching to DHCP and shutting down the routers DHCP server.

    Would you recommend this solution over simple mode.  My Router keeps going into thermal protection and the kernel warnings in its logs are just about non stop.

    Thanks in advance.

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post