What Is ARP Poisoning And How Does It Affect You?

When you are a black hat hacker, at least one who is considered to be on the elite level, there are a lot of plans that go into an attack. First of all you have to figure out the target that you are attacking and what do you have to benefit from attacking it. Then you have to figure out exactly what item that you are going to attack in this organization. After that is considered then you have to figure out how you are going to attack. With a lot of targets out there you may see many ways to attack an item. Some of the attacks that you may know are more effective than other but more than likely an item that you are going to attack has more than one weakness.

This is especially true when you are dealing with objects that have to do with the network for an organization. The network is not something that can be considered reliable at all times and it always needs constant upkeep to be effective. But it is the device that allows you to be able to easily communicate with both the outside world and the people who are around your office. The modern day office space is built with the idea that the office is going to communicate somehow through a network. Even with all of its weaknesses it can still prove to be very effective at its job overall.

One of the reasons why the modern network has so many holes in it is because of the many protocols that you have to deal with when using it. The modern day network has at the very least 3 protocols that it has to deal with. First of all it has the TCP/IP that it has to deal with. It also has to deal with the UDP protocol as well. And if the network has a router that is attached to it and it plans to be able to communicate with the outside world then it has to deal with HTTP protocol as well. When you have this many technologies working together with this many lines of code and it is interacting with humans all of the time then you know that you are dealing with a device that is going to have some holes in it somewhere.

The protocols that we mentioned earlier are the main protocols that the modern day network needs to know to be able to communicate effectively. There are also several other protocols that are used on a daily basis as well. And all of these smaller protocols are ripe for attack just like the ones that we mentioned before are. A common protocol that is attacked on a regular basis is the Address Resolution Protocol which is otherwise known as ARP.

ARP is the protocol that is used on the network layer of the modern day network. Yes, the modern day network has a split of seven layers but that is a story for another day. Is the protocol that the network uses to communicate with itself. An attack that is known as ARP spoofing or ARP poisoning allows a person to be able to twist the communication of the ARP protocol and make it talk to whoever the attacker wants it to talk to. A lot of times this means that the attacker connects to the network, poisons the ARP packets, and make the packets that were meant to go to the main machine go to the MAC address of the machine that the attacker is on. So now all of the data that is supposed to go to one computer flows to another.

As you can see, ARP poisoning can be a real problem if done right so you need to know the problem to be able to spot it on your system.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind