From the course: Network Forensics
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
ARP poisoning
- [Instructor] And so there are packets flying in your network constantly due to the abundance of the ARP messages and their unsecure nature, attackers try to exploit them and they are often successful. ARP poisoning is a good example, it's a type of the Man-in-the-middle attack where bad guys impersonate another host. Here is how the attack works. A militia's host, Eve, sends an ARP request to an unsuspecting victim, Alice, and provides them intentionally incorrect mapping basically saying that its Mac is associated with the victim's intended recipient of a packet who is Bob. Consequently, this request will update the ARP table of the victim, Alice, with the false mac IP address mapping from this on whenever the victim, Alice, sends a message to Bob Eve will intercept it. Eve does the same ARP poisoning exercise with Bob and makes him think that it's Alice. Eve still forwards the message from Alice to Bob, but is now able to eavesdrop on all the conversations between Bob and Alice…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.