Here’s everything you need to know about ARP Poisoning.
1 min read
Summary
ARP poisoning or ARP sniffing is a form of Man-in-the-Middle (MitM) attack, which involves the attacker sending spoofed ARP messages onto a local network.
This leads to the attacker being inserted into the network path between the attacker’s chosen target and the target’s destination.
The destination will be a server which the attacker is also able to access, enabling them to intercept any data which is sent between the target and the destination.
To carry out the attack, the attacker will usually use a program which enables them to send spoofed ARP messages onto the network, which means that the attacker’s MAC address will be associated with the IP address of the destination the target is trying to reach.
The target then sends data to the attacker, believing that they are the destination they are trying to communicate with.
The attacker then forwards this data onto the actual destination, enabling them to intercept any data which is being sent.
ARP poisoning can be prevented by using encryption or by regularly checking a network’s ARP table to spot any inconsistencies.