Atlas-OS / Atlas

🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
https://atlasos.net
GNU General Public License v3.0

ARP Poisoning attacks & prevention #57

Closed Js0nGIT closed 3 years ago

Js0nGIT commented 3 years ago

I may be wrong, but AFAIK I don't see any patches against ARP Poisoning attacks. In the post-install, not even a mention of ARP (Used search tool in Firefox). I know it isn't really a common attack that affects normal users, but since Atlas is aimed @Security & with the whole "Setting a static IP" thing by default in the interactive Post-Install in the pull requests, I thought it would be a good contribution.

Is your feature request related to a problem? Please describe.
Vulnerable to ARP Poisoning attacks

Describe the solution you'd like
Setting a static ARP Entry at default, although I'm sure there are going to be issues setting it as default since the majority in Atlas are bound to using RDP or some other shit like that, Servers etc. So if not at default, at least an option (In the interactive Post-Install)

Additional context
Command used to set a static ARP Entry:

; Demo
netsh interface ipv4 add neighbours "name of your Adapter, for example "Ethernet" (insert default gateway of your adapter here) (insert mac address of the REAL default gateway)

; Real example (This is an example, obviously the information used isn't real)
netsh interface ipv4 add neighbours "Ethernet" 192.168.0.1 00-00-00-00-00-00

(You have to use dashes, it doesn't accept : format)

From this, you could make a for loop or something. All you need is the user's: Default Gateway, name of NW Adapter & MAC address attached to the default gateway

This is JUST AN IDEA. If you don't want to add it or think it's ridiculous, that's up to you. It's also not just ARP poisoning, I'm talking about patching other Network attacks (DNS Poisoning etc.) & Yes I know you're limited with patching these sorts of things, since setting a static ARP Entry isn't really "Patching" it fully. This is just an added layer of security, not a full patch. The only reason I thought it would be appropriate to write this was because you can do something about it.
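
The automation suggested above, as an added example that is not part of the original post or of Atlas: it looks up the default gateway and adapter, then pins the gateway as a permanent neighbor entry only if the currently resolved MAC matches one verified out of band. It uses the NetTCPIP cmdlets in place of the netsh command from the post; `$ExpectedMac` and `ConvertTo-BareMac` are names assumed for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example, not Atlas code. $ExpectedMac is an assumed parameter: the gateway
# MAC confirmed out of band (router label or admin page), never copied from a
# cache that may already be poisoned.
param(
    [Parameter(Mandatory)]
    [ValidatePattern('^([0-9A-Fa-f]{2}[-:]?){5}[0-9A-Fa-f]{2}$')]
    [string]$ExpectedMac
)

# Compare MACs without separators so dash, colon and bare forms all match.
function ConvertTo-BareMac([string]$Mac) { ($Mac -replace '[-:]', '').ToUpper() }
$want = ConvertTo-BareMac $ExpectedMac

# The IPv4 default route with the lowest metric gives the gateway IP and the adapter.
$route = Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction Stop |
    Where-Object NextHop -ne '0.0.0.0' |
    Sort-Object RouteMetric | Select-Object -First 1
if (-not $route) { throw 'No IPv4 default gateway found.' }
$gw, $idx = $route.NextHop, $route.InterfaceIndex

$entry = Get-NetNeighbor -InterfaceIndex $idx -IPAddress $gw -ErrorAction SilentlyContinue
if ($entry) {
    $seen = ConvertTo-BareMac $entry.LinkLayerAddress
    # A resolved entry that disagrees with the verified MAC is the case to stop on:
    # either the cache is already poisoned or the supplied MAC is wrong.
    if ($seen -and $seen -ne '000000000000' -and $seen -ne $want) {
        throw "Gateway $gw currently resolves to $seen, expected $want. Not pinning."
    }
    if ($entry.State -eq 'Permanent') { "Already pinned: $gw -> $want"; return }
    # Replace the dynamic entry rather than relying on New-NetNeighbor to overwrite it.
    $entry | Remove-NetNeighbor -Confirm:$false
}

New-NetNeighbor -InterfaceIndex $idx -IPAddress $gw -LinkLayerAddress $want -State Permanent |
    Format-List IPAddress, LinkLayerAddress, State, InterfaceAlias
```

The pin has to be redone when the router or its MAC changes; until then the stale entry leaves the gateway unreachable on that adapter.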

Zusier commented 3 years ago

Will add to todo, good idea