Network Security – Arp spoofing



So…. what is arp spoofing (poisoning)…. and what are it’s implications? ARP spoofing involves tricking a machine into thinking that you’re machine is, yet another. Let’s put this in IP address terms. Let’s say that 192.168.0.1 is the default gatway on the network and 192.168.0.150 is our target. We are given another network address – say 192.168.0.250…. Arp spoofing would tell 192.168.0.150 that OUR network adapter is the place to send information destined for 192.168.0.1, (and we could also tell 192.168.0.1 that WE are the rightful recipient of data sent to 192.168.0.150). These is done by offering up our MAC address as the legitimate desitination to each machine through a crafted ARP response.


Now, on first reading all of this you think….. wow that sounds hard. Actually there is software readily available that does this in just a few clicks (or with a simple command line syntax.) So, it’s VERY easily done once you’re in the same subnet as the machines that are targetted. In fact, it’s possible to arp-spoof an entire subnet this way, say capturing all traffic from the subnet to the gateway. Once all that traffic is routed through the attacking machine, then…. it can be analyzed.

There is software that quickly and easily collects passwords from this stream of data, or perhaps logs web addresses, captures mail transfered, or can even alter data in the stream (maybe replacing images on a web page or directing you to a page other than you intended.)

So basically this means that ANY untrusted machine connected to your LAN (as long as it’s on your subnet or “upstream” towards the internet), could easily sniff any and all data flowing through the network. Of course, if the hostile machine is upstream, it could only sniff traffic moving outside of the LAN to the router to the internet for instance.

Related Posts

Blog Traffic Exchange Related Posts
  • So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
  • Network Security guide for the home or small business network - Part 15 - Security Through obscurity I remember many years ago watching a Dr. Who episode where a very important key was "hidden" in a display of many other keys. Kind of like hiding a tree in a forest. This concept is "security by obscurity". Generally this is considered a bad approach to security. It is......
  • Network Security - Hub or Switch? So, for those that have a little bit of knowledge about network hardware, you've probably heard this. "You can't sniff switched networks".... wrong.... let's see what this is about. Older networking hardware was dominated by what's called a hub. This was basically a "dumb" device that when it received data,......
Blog Traffic Exchange Related Websites
  • Home Based Internet Marketing - Powerful Tactics The "Gurus" Will Never Disclose: (function() {var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];s.type = 'text/javascript';s.async = true;s.src = 'http://widgets.digg.com/buttons.js';s1.parentNode.insertBefore(s, s1);})(); 11Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})(); 11 Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})();......
  • Network Marketing - Are you Taking Massive Action? (function() {var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];s.type = 'text/javascript';s.async = true;s.src = 'http://widgets.digg.com/buttons.js';s1.parentNode.insertBefore(s, s1);})(); 3Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})(); 3 Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})();......
  • Federal and State Estimated Quarterly Tax Payments are Due! On Wednesday, I did a quick estimate of my taxes to see how much more I would owe for federal and state taxes and I realize that I may owe so much that I would be charged a penalty for underpayment! I guess I didn't realize how much I made......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site