ZA is not protecting me against ARP poisoning attack

As you guys know, there is an option called "Enable ARP protection" under the firewall settings. Despite enabling this option, I could still ARP poison my desktop that's in the same network as my laptop and sniff all the packets. How did this happen? Am I the only one experiencing this malfunction of ZA?

 

You will need to give some more detail on how you are doing the ARP poisoning.

 

I used Backtrack3 live cd to launch an ARP poisoning attack. Specifically, I used Ettercap that comes with BT3.
First I scanned for a host and got IPs for my router and my desktop. Then, I added those IPs to each target and enabled ARP poisoning, which was carried out successfully.

 

This should only be possible if someone gains access to the wireless network right?

 

So far as I know,none of those brand name firewalls can stop heavy ARP attacks. We already have had a lot of discussion about this topic in WSF.

There are some Anti-arp tools which are designed to fight ARP attack only though. You may try antiarp,but it requests you to change your homepage if you want to continue to use the product after 15 days trial. Or you may try Kingsoft's antiarp.

I heard they both did well in ARP attack tests.

 

yes, it's only possible once you gain access to the network.

 

Thank you for the info.

 

Alright thanks rOadToIS!

 

Yes, or take control of your ISP

 

Now I'm really worried! My ISP are run by morons!

 

Mhuhuuaah, you are owned

 

hell i know my ISP is run by morons... but the customer support is nice at least but they havent been taken over (yet...)

 

I use another brand name FW, and it does offer protection against ARP attacks.

I would want to see independent testing results from someone like Stem before accepting that ZA or any main line FW doesn't protect against ARP attacks.

In the meantime can you provide links to your test results?