Nowadays data networks represent the most common communication environment for transfer of data, voice or image. Such popularity led network users to becoming more vulnerable to network attacks and intrusions. Data link layer attacks, ex. ARP poisoning, is considered to be one of these dangerous attacks. ARP poisoning attack is a technique used to attack an Ethernet network. It may allow an attacker to sniff network traffic or stop the traffic altogether. In this paper, we use a Fuzzy Logic controller to thwart Data Link layer attacks in ethernet networks (ARP poisoning). Each host in the network is assigned certain dynamic characteristics. Then a Fuzzy Logic controller is used to combine these characteristics keeping in mind the synergy between them. The output of the controller decides if the host is trusted or not. Moreover, we use a stateful ARP cache, instead of the traditional stateless ARP cache.