While reading the article , I really liked this statement – Hackers lie. Skillful hackers lie well. And well-rounded hackers can lie both to people and to machines. And the most commonly used way to do it is – ARP Cache Poisoning.
ARP , as a very simple protocol,consists of merely 4 basic messages,shown below.
1.An ARP Request. Computer A asks the network, “Who has this IP address?”
2.An ARP Reply. Computer B tells Computer A, “I have that IP. My MAC address is [whatever it is].”
3.A Reverse ARP Request (RARP). Same concept as ARP Request, but Computer A asks, “Who has this MAC address?”
4.A RARP Reply. Computer B tells Computer A, “I have that MAC. My IP address is [whatever it is]”.
This gives an albityt to attacker to assocciate any IP address with any MAC address, whivh leads to many attack vectors, such as – Deanial of service , Man in the middle and MAC flooding. About these types of attacks you can read in the reference i used , which is here
Ways to avoid ARP poisoning:
1. For a small network its useful to make your IP static and create a login script , which boots the parameters automatically after the start.
2.For a large network its smart to secure your ports.
3.For every network the best way to protect is to monitor it , by using such sowtware as ArpWatch.