Hope everyone has been well! I saw this in my logs recently and got a huge scare -
The gateway physical address is my router address and SSID is that of my home Wifi. The thing is, I did not receive any pop-up about it (or perhaps I was distracted) and around 1 hour later Norton had a pop-up for the same SSID -
So I googled about MiTM attacks and ARP spoofing, but it does not seem to tell me how I could possibly detect if the attack is still going on, and if it is, how I could possibly stop it. I'm assuming that this Scan Time of 6s Norton is reporting means the attacker got hold of my packets for 6 seconds..? Would appreciate any advice on how I could possibly check on this, and to know if the attack is still ongoing! I am currently still connected to this network as it is the only one I have to be able to access the internet, but I have connected and disconnected from it many times and haven't received this pop up again. Would appreciate any thoughts on this, thank you!
EDIT: The thing is, I just found out that my mum had been tampering with the wires connected to my routers and the optical network fibres because she was trying to shift the television around Now I have intermittent connection on my mobile using Wifi, and I am unable to access my router's homepage like I normally can. It's a lot to take in all at once...