144
◾
Ethical Hacking and Penetration Testing Guide
ARP Poisoning
ARP poisoning is a very popular attack and can be used to get in the middle of a communica-
tion. This could be achieved by sending fake “ARP replies”. As discussed earlier, the ARP protocol
would always trust that the reply is coming from the right device. Due to this flaw in its design, it
can in no way verify that the ARP reply was sent from the correct device.
The way it works is that the attacker would send a spoofed ARP reply to any computer on a
network to make it believe that a certain IP is associated with a certain MAC address, thereby
poisoning its ARP cache that keeps track of IP to MAC addresses.
Dostları ilə paylaş: