Define ARP spoofing with an example. Compare with IP spoofing
1 Answer
  • The data link layer uses the ARP (address Resolution Protocol ) to translate the IP address to the MAC address
    • The client begins by first sending a broadcast ARP message for a given IP address
    • The switch broadcast the ARP message to all posts except for the source post.
    • When the unintended destination IP address gets the ARP, it replies write it MAC address & all others hosts on the switch will drop.
    • Gratitutions ARP is another flavor of the traditional ARP. It is used by hosts , announces their IP address to the local Network
    • There is no authentication in the ownership of IP & MAC address so an attacher can spoof an ARP packet to announce an IP & the legit user can be kicked out f the Network causing a denial of source.
    • Further this attach can allow switched environment to start delivering traffic to the hosts because the CAM table has been altered with IP & MAC bindings.
    • Examples of popular ARP spoofing S/W are Arpspoof, Cain & Abel, Arpoisen & Ettercap

Comparison with IP spoofing

  • IP spoofing is filling in the IP address field on the packet with an address that isn't the senders IP address ie one cant receive response to the packet.

  • in an ARP spoofing attach, it involves transmitting faked ARP packets , sends a fake ARP response with your MAC address, before the intended recipient can respond. Now the computer that made the request thinks that the IP address belongs to you & it will send all traffic that was intended for that recipient on to you instead.

Please log in to add an answer.