About ICMP, ARP and one block port

Excellent news Stem. Thank you so much!

 

Hi Mido,

I would not advise anyone to install Anti-Netcut. From my testing of that tool (I have just re-checked again), I find it attempts to make an FTP download from 64.72.119.131, it also attempted control of the default browser to connect to Tools4free.

Your own IP/MAC is NOT placed in your own ARP cache, you have either misread, or the info you found is incorrect.

The IP/MAC that is needed is the gateway, you can place this into the ARP cache as a static entry to help prevent the spoofing attack from such as netcut, but due to the need to allow ARP for resolution of your MAC by the gateway, ARP still needs to be allowed, so a need to use a tool to monitor the ARP cache, in case of forced flushing.

A simple tool to (only) monitor the ARP cache is XArp The same company that made this also produce an ARP anti-spoofing tool I did look at the betas of this, but have not checked out this latest release yet.

 

Just a note:

If you are connected to a large LAN (as example an ISP LAN), do be aware that with the setting of "Block host when it enumerates other computers on LAN", this could give rise to the blocking of the gateway. (some ISP LANs will continuously update/map the LAN from gateway, OP Pro will see this as scanning)

As example of ARP over ISP LAN: My own ISP LAN, making simple check, I see an average (from gateway+nodes) of 1450 ARP broadcasts per minute on a LAN of 253 users (subnet 255.255.255.0)