|
ARP spoofing - Definition and Overview |
|
|
|
 A typical Ethernet frame. A spoofed frame could have faked source MAC addresses to trick devices on the network. ARP Spoofing, also known as ARP poisoning is a technique used by crackers in order to sniff frames on a switched LAN or stop the traffic on the LAN.
The principle of ARP spoofing is to send fake ARP replies to the LAN. The frame contains a different MAC address than the one belonging to the machine sending. This confuses network devices, such as switches, and as a result frames intended for one machine can be mistakenly sent to another (allowing the packets to be sniffed) or an unreachable host (denial-of-service).
Using IPv6, IPsec and static ARP records are methods to defend against ARP spoofing attacks.
See Also
External links
- ettercap (http://ettercap.sourceforge.net/)
- ARPToxin (http://www.phrite.net/default.php?page=tools&id=1)
- XArp (http://www.chrismc.de)
|
|
Example Usage of spoofing |
 |
bekselmans: @codaset Did your The RSA host key for codaset.com changed? (Or am I really suffering a dns spoofing?) |
 |
Twilight_Videos: Spoof: Twilight and New Moon: Here are some videos spoofing Twilight and New Moon..syn{font-fami... http://bit.ly/7aUfI4 #twilight #newmoon |
 |
Blizfulness: soo funny - they're spoofing Katorse!!.. hahaha |
|
