Skip to content

Mosaico's blog

Menu
  • About me
Menu

Arp spoofing

Posted on January 26, 2025January 27, 2025 by Mosaico

Attack description

Arp spoofing(aka falsification) is an attack that affects the tcp/ip link layer.

Weaknesses exploited


This attack exploits the arp protocol’s main vulnerability: its statelessness.

This means that the arp protocol was designed to work without a memory, only by relying on what is read i the received packet.

Attack mechanism

 

Which tools implement this attack?

Ettercap.

This tool implements the attack by sending a crafted packet to the victim.

Threat actor’s advantages

This attack can enable a malicious actor toperform a man in the middle attack, which can lead to eavesdropping on the exchanged packets or to a dos attack.

Also the switch’s arp table can be flooded, leading to dos.

With this attack the threat actor could impersonate the gateway.

Mitigations

Set the arp tables entries as static.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Arp spoofing
  • Welcome to my new blog!

Recent Comments

  1. Mosaico on Welcome to my new blog!
  2. karyl on Welcome to my new blog!

Archives

  • January 2025

Categories

  • Link layer attacks
  • Uncategorized
© 2025 Mosaico's blog | Powered by Minimalist Blog WordPress Theme