explain the term ARP Posoning and discuss how it maybe employed to circumvent some of the inherent security provided by a swithced network architecture.
2006-08-12 22:30:53 · 3 answers · asked by sona j 1 in Computers & Internet ➔ Computer Networking
in brief
ARP poisoning enables local hackers to cause general networking mayhem. Because it's mostly "incurable," every administrator should be aware of how this attack works.
ARP, a very simple protocol, consists of merely four basic message types:
An ARP Request. Computer A asks the network, "Who has this IP address?"
An ARP Reply. Computer B tells Computer A, "I have that IP. My MAC address is [whatever it is]."
A Reverse ARP Request (RARP). Same concept as ARP Request, but Computer A asks, "Who has this MAC address?"
A RARP Reply. Computer B tells Computer A, "I have that MAC. My IP address is ....
ARP protocol has no way of verifying ARP replies.
ARP Poisoning: the attacker lies to a device on your network, corrupting or "poisoning" its understanding of where other devices are. This frighteningly simple procedure enables the hacker to cause a variety of networking woes
like DOS -denial of service attack
man in the middle attack Mac floading
If you want more read this:
http://www.watchguard.com/infocenter/editorial/135324.asp
or this
http://www.infosecwriters.com/text_resources/pdf/ARP_Poisoning_In_Practice.pdf
2006-08-12 22:44:49 · answer #1 · answered by Ana 6 · 0⤊ 0⤋
Great Ana, Thats the explanation...No one can explain better than this...
2006-08-13 05:51:14 · answer #2 · answered by Peter 2 · 0⤊ 0⤋
i like it
2006-08-13 05:33:58 · answer #3 · answered by caramoanboy 2 · 0⤊ 0⤋