06-03-2008 12:50 PM - edited 03-10-2019 04:08 AM
I am trying to find out if someone familiar with Cisco's IDS/IPS (network and/or host-based) solutions can tell me if the product(s) can identify and/or prevent ARP poison routing attacks. If so, does it require customizing signatures or is there out of the box detection signatures?
Thanks for any information
06-03-2008 01:21 PM
There are some. Go here and do a search for "arp":
http://tools.cisco.com/security/center/search.x?search=Signature
Perhaps it goes without saying, but remember that the sensor has to see the relevant layer 2 traffic for these to work.
06-03-2008 02:11 PM
Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide