I'm helping my school network administrator to try to find a way to mitigate a current ARP spoofing attack on our wifi network. We detected an unknown host (MAC address seem to change, he is probably using mac-changer or something similar) sending forged ARP into the network.
After some discussion, we agree to use a freeradius authentication server to make it easy to discover who is at the origin of the attack.
But as I'm not a security specialist (only an enthusiast) and don't know a lot about the Radius protocol, I wondered if the freeradius server could mitigate an ulterior ARP spoofing attack (if someday another student decide to try this kind of attack again), and how to configure it to do so.
Thank for your help ;)
Aucun commentaire:
Enregistrer un commentaire