Questions tagged [arp]
34 questions
4
votes
3 answers
An ARP table keeps multiple MAC addresses for an IP address or a single one?
Some ARP spoofing texts say that this man-in-the-middle attack overwrites the intended target MAC with the attacker's MAC in the ARP table (e.g. https://en.wikipedia.org/wiki/ARP_spoofing , Question regarding arp spoofing)
Other says that it creates…
Alan Evangelista
- 143
- 6
4
votes
2 answers
Why can't iptables drop arp requests
I was trying to hide my laptop from my phone's network scan app. The app is using arp requests to find devices on the network. I tried everything on iptables. It doesn't work, even if i set all the policies drop. Fortunately arptables can drop the…
Grey
- 353
- 4
- 6
4
votes
1 answer
Problem with ARP-Spoofing
first of all i have a basic questions regarding network traffic:
All Devices in the network are connected with WLAN and a Router. If i send a message from my computer to a other device in the network per IP my computer looks in the arp table for the…
Saueee
- 41
- 1
- 2
3
votes
1 answer
How ARP spoofing works when the attacker has a different IP address than target?
I am unable to understand fully how ARP spoofing attacks are successful.
Assuming three PCs are connected to a single switch
PC-1 - IP address 192.168.1.1, MAC: AA:AA:AA:AA:AA:AA
PC-2 - IP address 192.168.1.2, MAC: BB:BB:BB:BB:BB:BB (ARP…
jamie754
- 31
- 1
3
votes
3 answers
ARP request spoofing
I'm working on an SDN-based access/backhaul network. For some experiments I need to generate an ARP request from one of the node in my network, pretending to be another one. Essentially this ARP request will be injected into the network by the…
Math
- 31
- 1
3
votes
2 answers
Best practice to discover network hosts?
I'm creating a python networking program and need to discover all the usable hosts on the network such as phones and desktops on Linux.
What works better, NMAP, Arp-Scan, arp, or something else?
I've tried this to discover hosts with NMAP:
nmap -n…
Seth Painter
- 143
- 1
- 5
3
votes
2 answers
What is the role of ARP poisoning when doing a DHCP spoofing attack
My Current Background on the topic
DHCP Spoofing is done by a rogue DHCP server on the network which replies to DHCP requests from hosts(Attacker can run a DHCP starvation attack on the legitimate DHCP server to stop it from handing away IP…
RanjanaLK
- 133
- 1
- 4
3
votes
3 answers
Force a device to give up its IP address?
Expanding to a previous question where I asked if it would be possible to redirect traffic on a port from another device to my local device, if a PC on my network (device A) has the IP address 192.168.1.2, would it be possible for another PC (device…
Jonathan T
- 31
- 1
- 3
2
votes
1 answer
ARP Spoofing does not update ARP Table
I'm currently trying to do ARP-Spoofing / ARP-Poisoning with Kali Linux in Virtualbox in order to check the security of the Network of my company. I'm currently doing a little pentest, therefore I am allowed to do this. I'm trying to gain a…
black_hawk
- 23
- 2
2
votes
3 answers
Is there any point of arp spoofing on a wifi network?
I know that arp spoofing is required on a LAN network due to the fact that data is sent directly to a destination, but what about for a WLAN network? All packets can be seen if you are in promiscuous mode, so is there any point of arp spoofing?
user227237
2
votes
1 answer
ARP request replay attack - why do APs work the way they do?
ARP request replay attacks are based on the practice that wireless access points repeat ARP packets injected into the network, and since these ARP packets are encrypted, they also carry the IV with it.
Can someone explain:
Why do wireless access…
Lincoln Cheng
- 123
- 4
2
votes
2 answers
Does ARP spoofing works in case the target ARP cache has the gateway
I am trying to create a script that will do a basic ARP spoofing attack (I choose this StackExchange website because the question is more about the theoretical side), and I see no reference to the attack in case the computer already has the gateway…
hjsv41
- 23
- 3
2
votes
0 answers
How is ARP-spoofing of a Modular CMTS online connection via coaxial broadband even possible?
as one can see on the following screen photos / screenshots, I'm permanently getting ARP-spoofed:
My router's MAC adress should be "90:5C:44:E2:8D:24", as can be seen on the screenshot of my router's Web-GUI and on the sticker attached to the router…
c128linux
- 21
- 1
2
votes
0 answers
Arp Spoofing detection with Ruby
I am planning to develop a Ruby script that detects ARP spoofing attacks on a local network, I have a few questions about it. There are three scenarios I am taking into consideration:
First idea as always is a basic idea.
If ARP poisoning is…
Fatih Altuntaş
- 121
- 1
2
votes
1 answer
ARP poisoning attack consequences
For testing purposes, I want to apply promiscuous mode in Wireshark to capture traffic not sent to me.
For this, I believe there is the need to poison the ARP table in the switch so that the attacker (me) gets all the requests.
Assume the switch…
tony9099
- 779
- 1
- 5
- 10