Home
Certification Preparation
CompTIA
Network+
arp poisoning
GHOSTRIDER2016
Guys,
I understand that arp spoof/poisoning involves an attacker intercepting a computers request for a mac address say for example from a router and responding with their mac address and believe their ip address. Thus the attacker fools the legitimate machine into thinking it is the router.
Whats baffling to me is why would the machine report to the attackers machine rather then the routers machine ?
Thanks
Find more posts tagged with
Comments
636-555-3226
the victim machine thinks the attacker's machine IS the router.
attacker keeps hammering victim with fake arp messages trying to poison (confuse) victim's arp tables.
cisco has at least one mitigation for this called Dynamic ARP Inspection (DAI)
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/dynarp.html
cain & scapy can both do arp spoofing, but it's been so long since i've done it i'd tell you to just google or youtube for walk-throughs
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
