ARP spoofing and poisoning
TRAFFIC TRICKS
Any user on a LAN can sniff and manipulate local traffic. ARP spoofing and poisoning techniques give an attacker an easy way in.
Curiousity, revenge, industrial espionage are all reasons why insiders attack systems on their own network. Statistics show that 70 to 80 percent of all attacks originate on the internal network [1]. Admins have a hard time preventing these internal attacks because protecting the internal network is a lot more difficult than protecting against external attack. One of the most formidable forms of internal attack is known as ARP spoofing. ARP spoofing puts an attacker in a position to sniff and manipulate local traffic. So-called man-in-the-middle attacks are easy to perform, and thanks to sophisticated software, even attackers with little knowledge of networking stand a good chance of succeeding. How ARP Works The ARP protocol was published in November 1982 by David C. Plummer as RFC 826 [2]. As IT security was not an important factor back in 1982, the aim was simply to provide functionality. ARP maps IP addresses to MAC addresses. If client C needs to send a packet to server S, it needs to know the MAC address of S if both machines are on the same subnet. Even if S resides in a different network, C still needs a MAC address – in this case, the address of the next router that will forward the packet. The router takes care of everything else.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
Linux Mint 21.1 Enters Beta Status
With a new version of the Cinnamon Desktop, Linux Mint 21.1 has plenty to offer.
-
4MLinux 41.0 Now Stable and Ready for Use
The developers behind 4MLinux have changed the status of 41.0 to STABLE, which means it's ready for prime time.
-
Xfce 4.18 Coming Soon and Offers Subtle Improvements
The Xfce team has announced the release date of the next iteration of the desktop, which includes a good number of features to polish the fan-favorite Linux UI.
-
Orange Pi Board Has Arch-Based Linux Distribution in the Works
The developers of the Orange Pi board are planning to release an Arch-based Linux distribution available for its hardware as an alternative to Orange Pi OS.
-
Alpine Linux 3.17 Now Available to the General Public
The developers of Alpine Linux have officially announced the release of the latest version of the security-focused Linux distribution.
-
The New StarFighter Linux Laptop Now Available for Preorder
A new, completely customizable Linux laptop is now available to preorder from Star Labs.
-
Critical Escalation Vulnerability Found in the Linux Kernel
A new local privilege escalation vulnerability has been discovered in the Linux kernel and users are encouraged to upgrade/patch immediately.
-
AlmaLinux 8.7 Now Available
The developers of AlmaLinux have released the latest version of the OS, named Stone Smilodon, to the general public.
-
New Arch-Based Linux Distribution Aims to be Beginner-Friendly
CachyOS has been created to serve as a Linux distribution for everyone, even while being based on the more complex Arch Linux.
-
elementary OS 7 Getting Closer to Release
The team behind elementary OS has announced they are now focused on putting the finishing touches on the next major release of the Linux distribution.