Hi,

I just looked at my Norton AV (v.11) for Mac and saw under "Statistics" a warning triangle and "Vulnerability Blocked".

I opened the Activity Log and there are 4 identical lines (all with the same time stamp), as follows:

Event Type - ARP Cache Poison

Result - [looks like a MAC address]

Details - incoming

I can't get any more information from the log than that, and searching on the internet hasn't got me very far.

I think I understand what an ARP attack is, but as I understand it, it can only happen from a computer on the same network. There is only 1 computer on my network (my Mac) and wireless is disabled both on the Mac and on my router, so I don't see how it could have been anyone getting on to my network.

Could it be my Time Capsule causing this log? It's connected via CAT-5 to the Mac, and then the internet router connects to the WAN port on the Time Capsule. So I wondered whether it could be causing an alert in something it is doing?

If anyone has any thoughts, they would be most gratefully received - including whether you think it is anything to worry about.