You get a bonus - 1 coin for daily activity. Now you have 1 coin

ARP-spoofing

Lecture



ARP-spoofing

The current version of the page has not yet been tested by experienced participants and may differ significantly from the version tested on April 12, 2012; checks require 17 edits.
ARP-spoofing is an attack technique on Ethernet networks that allows intercepting traffic between nodes. Based on the use of the ARP protocol.

When using remote search algorithms in a distributed computer network, it is possible to implement a typical distant object of a distributed computer system in such a network. An analysis of the security of the ARP protocol shows that by intercepting a broadcast ARP request on an attacking node within a given network segment, you can send a false ARP response, in which you declare yourself the desired node (for example, a router), and further actively monitor the network traffic of the disinformed node, acting on it according to the “false object RVS” scheme.

Tools for performing ARP spoofing:

Ettercap
Cain & Abel,
dsniff
arp-sk,
Arp builder
AyCarrumba.
Intercepter-ng
Tools and methods for detecting and preventing ARP spoofing:

programs arpwatch, BitCometAntiARP;
VLAN organization;
using PPTP - does not have adequate protection. OpenVPN PPPoE is considered the most reliable;
Encryption of traffic in the local network (IPSec).

created: 2014-08-31
updated: 2021-03-13
132533



Rating 9 of 10. count vote: 2
Are you satisfied?:



Comments


To leave a comment
If you have any suggestion, idea, thanks or comment, feel free to write. We really value feedback and are glad to hear your opinion.
To reply

Cryptanalysis, Types of Vulnerability and Information Protection

Terms: Cryptanalysis, Types of Vulnerability and Information Protection