From the course: Network Forensics
Join today to access over 25,500 courses taught by industry experts.
ARP poisoning
- [Instructor] ARP packets are constantly flying through your network. Due to the abundance of ARP messages and their insecure nature, attackers try to exploit them and are often successful. ARP poisoning is a good example. It's a type of man-in-the-middle, or MITM, attack in which bad people impersonate another host. Here is how the attack works. A malicious host, Eve, sends an ARP request to an unsuspecting victim, Alice, and provides an intentionally incorrect mapping, basically saying that its MAC is associated with the victim's intended recipient of a packet B. Consequently, this request will update the ARP table of the victim, Alice, with a false MAC IP address mapping. From this on, whenever the victim, Alice, sends a message to Bob, Eve intercepts it. Eve does the same ARP poisoning exercise with Bob and makes him think that it's Alice. Eve still forwards the messages from Alice to Bob, but can now eavesdrop on all the conversations between Bob and Alice.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.