ARP poisoning

What is it?

ARP poisoning is a technique in which a host in a LAN can “poison” the ARP table of another host causing it to send packets to the wrong destination. The attacker can modify the traffic in the network such a way that it will redirect all traffic to go through it. ARP Spoofing will allow an attacker to sniff data frames

How it works?

The attacker intercept the connection between the client and the server. He “enters” into the connection without makeing itself notable and he pretends to be the server for the client and the client for the server. It “convinces everyone” to send the packages to him making them believe that he is the destination.

For example using Wireshark you sniff all the packages and who knows what you will find out? I used this ARP poisoning in order to find some cookies which helped me in a nice demonstration.

References:

http://hackhaholic.blogspot.com/2011/04/what-is-arp-spoofing-and-how-to.html

Advertisements
This entry was posted in IT Security, Week 18. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s