Questions tagged [arp-spoofing]

ARP spoofing is an attack technique which sends spoofed Address Resolution Protocol (ARP) messages to Local Area Network (LAN). The idea is to identify attacker's MAC address as the address of another network host and redirect traffic intended for another IP address to the attacker's IP address instead.

ARP spoofing, if successful, enables an attacker to intercept LAN data packets, shape traffic, or stop it altogether. This type of attack is often used as an attacker's opening gambit for other attacks, such as denial of service (DoS), man in the middle (MiTM), or session hijacking. This attack can only be staged on local networks that use Address Resolution Protocol (ARP).

209 questions

votes

1 answer

How man in the middle attack works on multiple targets?

I'm finding hard to understand how it is possible to perform a man in the middle attack to a whole network. It is easy for the attacker to tell every victim in the subnet that his mac address is the gateway's mac, so he can intercept all requests…

man-in-the-middle arp-spoofing

asked Apr 01 '17 at 21:59

Pedro de Lyra

votes

2 answers

Forcing a black box to register a ssl cerificate

I have in my home a proprietary device, which I took an interest to see what it does over the network. I first determined his Ip on my network, and the port used to pass http/s requests, then arp spoofed him to my mitmproxy server. After this setup…

tls certificates arp-spoofing reverse-engineering black-box

asked Dec 25 '16 at 21:19

Nadav96

votes

3 answers

Security against ARPspoofing

If I had 2 networks, one with a router and clients connected to it, and other with clients connected to switch and this switch connected to router, which one would be more secure in terms of ARP Spoofing? I believe that since switch is a layer 2…

network router arp-spoofing

asked Dec 22 '16 at 10:13

7_R3X

votes

1 answer

Is it possible to have a man in the middle with SOCK5?

If I am entering a password in facebook.com, an attacker in my subnet can build a man-in-the-middle attack with arpspoof and nat iptables rules by turning my HTTPS connections into HTTP and get my facebook password. 1. Is it still the case if I am…

man-in-the-middle attack-prevention arp-spoofing socks5

asked Dec 04 '16 at 11:17

user203771

votes

1 answer

DnsSpoof Target machine wont connect

SETUP: Target Machine: VM on my network, on a machine that is hardwired to the router Kali Box: Tried both in a VM on the same machine as my target and a live boot on a laptop over wifi. Both within the same network MACHINE IPS: Target:…

dns kali-linux arp-spoofing dns-spoofing

asked Sep 20 '16 at 00:44

DotNetRussell

1,441
1
19
30

votes

3 answers

Can a Man In The Middle attack cause a certificate error?

I was playing around with Ettercap and I performed an ARP spoofing, MiTM attack on a friends computer as a joke. Now (about a day later) she tried to login to a website for work and it said "Your connection is not private"…

tls certificates man-in-the-middle arp-spoofing

asked Jul 05 '16 at 06:16

KNejad

votes

1 answer

Why isn't the arp cache locked for the gateway by default?

So one way to prevent arp poisoning is to lock the associated entry in the arp cache for the gateway. My question is, why isn't this done by default? What are the drawbacks? I was thinking that you would not be able to connect to a new network, but…

arp-spoofing

asked Mar 02 '16 at 21:41

trallgorm

votes

1 answer

Does subterfuge work on ALL networks?

Does subterfuge's ARP poisoning attack work on all networks? If not, what kind of precautions can be taken against it? Meaning, what kind of networks, if any, does it fail on? My understanding is that the only way to fight the attack is to have some…

man-in-the-middle arp-spoofing

asked Feb 02 '16 at 22:28

Elliot Gorokhovsky

votes

1 answer

How to detect arp spoofing using iptable?

How can I set iptables to detect arp spoofing on linux?

linux detection arp-spoofing iptables

asked Oct 15 '15 at 16:53

user3806649

-1

votes

1 answer

Man in the middle attack

How data can be modified in a man in the middle attack? is there any video demonstrating that,any how to guide,i need practical material ,i have used cain and abel,ettercap but now i am strucked i don't know how to move furthur. I am able to see…

man-in-the-middle arp-spoofing

asked Sep 23 '13 at 08:34

Gopal Sharma

-3

votes

1 answer

Why arp spoofing only attack layer 2

I am studying network security. I am wondering about ARP Spoofing. As you know ARP and ICMP only work at Layer 3 (network). But ARP spoofing attacks layer 2 (data link: mac address table). I don't understand the problem.

man-in-the-middle arp-spoofing

asked Mar 16 '17 at 12:27

Nguyễn Ngọc Anh

-3

votes

1 answer

PHP: Is it possible to save User from ARP spoofing?

Is it possible to make php application secure enough to save users from ARP spoofing?

php arp-spoofing

asked Jan 25 '17 at 11:34

Ayyaz Zafar

-4

votes

1 answer

ARP Poisoning effects

On a normal data exchange of the address resolution protocol (ARP), which steps of the exchange are affected by the ARP Poisoning attack? If anybody would be able to answer this or show me a link that can help, it'll be very much appreciated!

attacks arp-spoofing

asked Jun 24 '13 at 17:53

KTF

-4

votes

2 answers

how to stop hackers from any spoofing?

My PC and network, internet are under attack by hackers. I have used XARP a software that shows the attacks, but cannot stop them. The professional version claims it can, by buying XARP PRO. I am disabled, cannot afford to buy software, I barely…

arp-spoofing

asked Mar 10 '16 at 18:56

Bavarian Ph

Prev 1 2 3

…