mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2026-03-04 00:01:12 -05:00
ARP Spoofing Protection (ARP Bind) #2150
Labels
No labels
P1: Critical
P2: High
P3: Medium
P4: Low
UI
bug
cannot reproduce
compatibility
dependencies
docker
documentation
duplicate
enhancement
enhancement
external libs
feature request
good first issue
help wanted
infrastructure
invalid
localization
needs investigation
performance
potential-duplicate
question
recurrent
research
snap
waiting for data
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/AdGuardHome#2150
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @EntropySmoke on GitHub (Nov 16, 2020).
Prerequisites
Problem Description
AdGuard Home is running as a local DNS and DHCP server on Raspberry Pi 2. Router is not used as DHCP server. I'd like to reduce chances of ARP spoofing. Some routers, like DD-WRT, provide basic ARP spoofing protection. I can also use Windows commands to create static IP-MAC ARP-bind between Windows devices and router. How can I ARP-bind AdGuard Home local DNS and DHCP server to devices connected to it?
Proposed Solution
AdGuardHome.yaml section where static IP-MAC ARP bind can be specified.
@ghost commented on GitHub (Mar 9, 2021):
And why not do the same with the link local/uuid of DHCPv6 too (since the future is ipv6 the same protection must be enforced too.