ARP Poisoning

Address Resolution Protocol – Poisoning / Spoofing

How?
An attacker sends falsified ARP messages over the LAN, which results in the linking of an attacker’s MAC address with the IP address of a victim computer or server on the network.

Audience?
LAN network segments that use ARP

Impact?
MitM attacks (viewing non encrypted traffic, sessions, credentials etc.)
DoS attacks

Mitigation?
Static MAC addressing
ARP spoofing detection software
Packet filtering/inspection

Leave a comment

Your email address will not be published. Required fields are marked *