ARP Spoofing, also known as ARP poisoning is a technique used by crackers in order to sniff frames on a switched LAN or stop the traffic on the LAN.
The principle of ARP spoofing is to send fake ARP replies to the LAN. The frame contains a different MAC address than the one belonging to the machine sending. This confuses network devices, such as switches, and as a result frames intended for one machine can be mistakenly sent to another (allowing the packets to be sniffed) or an unreachable host (denial-of-service).
Using IPv6, IPsec and static ARP records are methods to defend against ARP spoofing attacks.
See Also
External links
Last updated: 08-02-2005 06:13:38