Network Security Tips: Arp Cache Poisoning

By Enterprise Networking Planet Staff | Sep 20, 2011 | Print this Page

In a switched environment packets are only sent to devices that they are meant for. Even in this switched environment there are ways to sniff other devices' packets. As reported in this Sys-Con report, Arp cache poisoning puts the attacker in position to intercept communications between the two computers. Computer. In this "Network Security: Arp Cache Poisoning and Sniffing Packets" article discusses a number of tools used in arp cache poisoning.


"For arp cache poisoning to take place the attacker needs to be in the same network segment as the systems that are to communicate between each other. The first step is to obtain a list of IP addresses and the associated MAC. This can be accomplished a couple of different ways, one with a tool called ettercap. Ettercap is a suite for man in the middle attacks on your local LAN. It features sniffing of live connections, content filtering on the fly and more. It supports active and passive dissection of many protocols some of them we will cover in this paper."

Read the Full Story at Sys-Con