ARP spoofing and poisoning
TRAFFIC TRICKS
Any user on a LAN can sniff and manipulate local traffic. ARP spoofing and poisoning techniques give an attacker an easy way in.
Curiousity, revenge, industrial espionage are all reasons why insiders attack systems on their own network. Statistics show that 70 to 80 percent of all attacks originate on the internal network [1]. Admins have a hard time preventing these internal attacks because protecting the internal network is a lot more difficult than protecting against external attack. One of the most formidable forms of internal attack is known as ARP spoofing. ARP spoofing puts an attacker in a position to sniff and manipulate local traffic. So-called man-in-the-middle attacks are easy to perform, and thanks to sophisticated software, even attackers with little knowledge of networking stand a good chance of succeeding. How ARP Works The ARP protocol was published in November 1982 by David C. Plummer as RFC 826 [2]. As IT security was not an important factor back in 1982, the aim was simply to provide functionality. ARP maps IP addresses to MAC addresses. If client C needs to send a packet to server S, it needs to know the MAC address of S if both machines are on the same subnet. Even if S resides in a different network, C still needs a MAC address – in this case, the address of the next router that will forward the packet. The router takes care of everything else.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
News
-
Red Hat Enterprise Linux 7.5 Released
The latest release is focused on hybrid cloud.
-
Microsoft Releases a Linux-Based OS
The company is building a new IoT environment powered by Linux.
-
Solomon Hykes Leaves Docker
In a surprise move, Solomon Hykes, the creator of Docker has left the company.
-
Red Hat Celebrates 25th Anniversary with a New Code Portal
The company announces a GitHub page with links to source code for all its projects
-
Gnome 3.28 Released
The latest GNOME rolls out with better contact management and new features for handling virtual machines.
-
Install Firefox in a Snap on Linux
Mozilla has picked the Snap package system to deliver its application to Linux users.
-
OpenStack Queens Released
The new release comes with new features for mission critical workloads.
-
Kali Linux Comes to Windows
The Kali Linux developers even managed to run full blown XFCE desktop via WSL.
-
Ubuntu to Start Collecting Some Data with Ubuntu 18.04
It will be an ‘opt-out’ feature.
-
CNCF Illuminates Serverless Vision
The Cloud Native Computing Foundation announces a paper describing their model for a serverless ecosystem.