Currently, apart from the viruses that surf the Internet freely, waiting for an unsuspecting user to fall into their traps. The people dedicatedly trying to force their entry into other people’s computers. Today we see what is the ARP Poisoning, a very effective technique, although a little old, used by hackers to achieve their malicious objectives.How does that Poisoning APR work and what is it? We show it to you below.
The typical ARP Spoofing attack or ARP spoofing or impersonation (also called MitM on the link layer), allows intercepting and/or modify the communications between the equipment that is in the same network segment. This attack especially dangerous since it occurs after the attacker already inside our network, has managed to avoid the possible security measures that we have implemented and will be able to access all the traffic of our network.
It should be noted that it is one of the most common attacks on public networks, such as WIFI’s of bars, restaurants, universities, etc.
How does ARP Poisoning work?
The attack based on the operation of the protocol DCHP, Dynamic Host Configuration Protocol, this protocol allows clients of an IP network to obtain the configuration parameters automatically.
Let’s try to summarize it
The list of dynamic IP addresses called ARP. Dynamic IP assigned to the clients as its free, linking said IP with the physical and real address of the machine called MAC. The attack consists of a supplanting list, the physical or MAC address of the victim’s device (usually the gateway), by the attacker’s MAC address, associated with the IP of the victim, and therefore supplanting it.
After getting to impersonate the victim, the attacker will be able to intercept, modify or even retain data that is in transit, therefore it will have a wide control of the data traveling through the network.
At the beginning of this article, I commented that this type of attack allows intercepting communications between computers in the same network segment. This is not entirely true since with a port theft in the router (an ARP poisoning but in the CAM or Content Addressable Memory of the router) intercept the communications coming from the Internet (or another network) to the victim who is in another network segment. what we cannot do is poison the victim’s ARP cache, this implies that it would only affect confidentiality and access control, not integrity.
To Get the Info on Anti Malware Software: Click Here
For more About the ARP Poisoning, visit: https://en.wikipedia.org/wiki/ARP_spoofing