In this way, a victim device could unknowingly send all its network traffic to this attacker, and carry out two different types of attacks:
The ARP Poisoning attack consists of poisoning the ARP table of a victim, making it believe that the router is the attacker, with the aim that the victim forwards all its traffic to this attacker to perform a sniffing of each and every one of the connections that perform.
The ARP protocol was not designed with the aim of being secure, so it does not verify at any time that the response to an ARP request really comes from a legitimate host, anyone could impersonate another host easily and quickly, performing an ARP Poisoning attack. ARP Poisoning attacks are specifically focused on this entry, and now we will explain why. One of the most important entries in the ARP table is the one displayed by the router, usually the first IP address on the subnet. In this way, if a certain computer does not know the MAC of an IP address, it will have to send an ARP request packet, requesting the corresponding MAC address from other computers. All computers keep this ARP table as a cache, so it will be temporarily renewed or as new computers appear with which we want to communicate, that is, it is a dynamic table and it changes depending on the communications that we are going to make.
0 kommentar(er)
