Battle Testing Wifi Protector: Protecting ARP Table

Not so long ago, I conducted a comparative test of Android programs that prevent an attack on an ARP table . Then some users wanted me to test the Wifi Protector program, which was not included in my review.
Finally, my hands reached her.



The success of the attack could be judged through the program itself.
')


Testing happened absolutely as in the previous case.



The program can work in 2 modes. In the first mode without root user rights. In this mode, the program periodically monitors existing entries and displays a message about the attack in the event of a change:

Nevertheless, it may take about 5 seconds between an attack and a program's reaction. Then the records are restored.




If the device has root access, the situation changes. It seems that the created records are statically registered and there is no possibility to change them even for seconds. In this mode, the program does not issue alerts about attempted attacks.











Summing up, I can say that this program, according to the test results, best coped with the defense. But she and denezhek worth (albeit small). The only bad feeling from working with it is a false alarm when switching from one access point to another:

This is due to the incorrect logic of the program: it monitors the change in the BSSID (also known as the MAC address) of the access point and, when it changes, signals an attack, considering that the attacker is trying to switch the device to his access point. But at the same time, the SSID (network name) is not monitored at all. In the given case it was like this: I simply switched from one network to another and received a false report about the attack.

In general, use it wisely.