Eset is detecting an arp cache poisoning attack, where the source is 192.168.1.254 and the target is 192.168.1.73. I currently use At&t U-Verse as my provider. I recently reformatted my computer, but may have somehow got infected.
As I am looking through my logs, on the 5th it says the source is 192.168.1.81, which is my printer but all the other sources of the detections are from 192.168.1.254
My ip address type is Private NAT, is that the reason or part of the reason that eset could be providing a false positive?
Edited by Meangean, 12 November 2012 - 11:04 PM.