Address Resolution Protocol (ARP) may be a stateless protocol used for resolving IP addresses to machine MAC addresses. All network devices that require to speak on the network broadcast ARP queries within the system to seek out out other machines’ MAC addresses. ARP Poisoning is additionally referred to as ARP Spoofing.

Here is how ARP works −

When one machine must communicate with another, it’s up its ARP table.
If the MAC address isn’t found within the table, the ARP request is broadcasted over the network.
All machines on the network will compare this IP address to MAC address.
If one among the machines within the network identifies this address, then it’ll answer the ARP request with its IP and MAC address.
The requesting computer will store the address pair in its ARP table and communication will happen .

What is ARP Spoofing?

ARP packets are often forged to send data to the attacker’s machine.

ARP spoofing constructs an outsized number of forged ARP request and reply packets to overload the switch.
The switch is about in forwarding mode and after the ARP table is flooded with spoofed ARP responses, the attackers can sniff all network packets.

Attackers flood a target computer ARP cache with forged entries, which is additionally referred to as poisoning. ARP poisoning uses Man-in-the-Middle access to poison the network.

What is MITM?

The Man-in-the-Middle attack (abbreviated MITM, MitM, MIM, MiM, MITMA) implies a lively attack where the adversary impersonates the user by creating a connection between the victims and sends messages between them. during this case, the victims think that they’re communicating with one another , but actually , the malicious actor controls the communication.

1.1

A third person exists to regulate and monitor the traffic of communication between two parties. Some protocols like SSL serve to stop this sort of attack.

ARP Poisoning − Exercise

In this exercise, we’ve used Better CAP to perform ARP poisoning in LAN environment using VMware workstation during which we’ve installed Kali Linux and Ettercap tool to smell the local traffic in LAN.

For this exercise, you’d need the subsequent tools −

VMware workstation
Kali Linux or Linux OS
Ettercap Tool
LAN connection

Note − This attack is feasible in wired and wireless networks. you’ll perform this attack in local LAN.

Step 1 − Install the VMware workstation and install the Kali Linux OS .

Step 2 − Login into the Kali Linux using username pass “root, toor”.

Step 3 − confirm you’re connected to local LAN and check the IP address by typing the command ifconfig within the terminal.

1.2

Step 4 − Open up the terminal and sort “Ettercap –G” to start out the graphical version of Ettercap.

1.3

Step 5 − Now click the tab “sniff” within the menu bar and choose “unified sniffing” and click on okay to select the interface. We are getting to use “eth0” which suggests Ethernet connection.

1.4

Step 6 − Now click the “hosts” tab within the menu bar and click on “scan for hosts”. it’ll start scanning the entire network for the alive hosts..

Step 7 − Next, click the “hosts” tab and choose “hosts list” to ascertain the amount of hosts available within the network. This list also includes the default gateway address. we’ve to take care once we select the targets.

1.5

Step 8 − Now we’ve to settle on the targets. In MITM, our target is that the host machine, and therefore the route are going to be the router address to forward the traffic. In an MITM attack, the attacker intercepts the network and sniffs the packets. So, we’ll add the victim as “target 1” and therefore the router address as “target 2.”

In VMware environment, the default gateway will always end with “2” because “1” is assigned to the physical machine.

Step 9 − during this scenario, our target is “192.168.121.129” and therefore the router is “192.168.121.2”. So we’ll add target 1 as victim IP and target 2 as router IP.

1.6

Step 10 − Now click on “MITM” and click on “ARP poisoning”. Thereafter, check the choice “Sniff remote connections” and click on OK.

1.7

Step 11 − Click “start” and choose “start sniffing”. this may start ARP poisoning within the network which suggests we’ve enabled our network card in “promiscuous mode” and now the local traffic are often sniffed.

Note − we’ve allowed only HTTP sniffing with Ettercap, so don’t expect HTTPS packets to be sniffed with this process.

Step 12 − Now it’s time to ascertain the results; if our victim logged into some websites. you’ll see the leads to the toolbar of Ettercap.

1.8

This is how sniffing works. you want to have understood how easy it’s to urge the HTTP credentials just by enabling ARP poisoning.

ARP Poisoning has the potential to cause huge losses in company environments. this is often the place where ethical hackers are appointed to secure the networks.

Like ARP poisoning, there are other attacks like MAC flooding, MAC spoofing, DNS poisoning, ICMP poisoning, etc. which will cause significant loss to a network.

So, this brings us to the end of blog. This Tecklearn ‘Concept of ARP Poisoning’ blog helps you with commonly asked questions if you are looking out for a job in Cyber Security. If you wish to learn Ethical Hacking and build a career in Cyber Security domain, then check out our interactive, Certified Ethical Hacker Training, that comes with 24*7 support to guide you throughout your learning period. Please find the link for course details:

https://www.tecklearn.com/course/certified-ethical-hacker-training/

Certified Ethical Hacker Training

About the Course

Tecklearn’s CEH certification training course provides you the hands-on training required to master the techniques hackers use to penetrate network systems and fortify your system against it. In this training, you will master how to identify security vulnerabilities by inspecting network infrastructures and defend the malicious hacker with essential tools and techniques, advanced network packet analysis and system penetration testing techniques to build your network security skill-set and prevent hackers. We will train you on the advanced step-by-step methodologies that hackers actually use such as writing virus codes and reverse engineering so you can better protect corporate infrastructure from data breaches.

Why Should you take Certified Ethical Hacker Training?

The average salary for a Cybersecurity Specialist is $110,881 per year in the United States and INR 900,000 per year in India – Indeed.com
Global Cybersecurity industry is estimated to cross US$ 220 billion by 2021.
Today cyber security is one of the most important aspects for any organization. In today’s digitally-driven world every organization needs professionals who can keep the hackers at bay. Hence the salaries for certified ethical hackers are among the best in the industry.

What you will Learn in this Course?

Introduction to Ethical hacking

Scope of ethical hacking
Enterprise information security architecture
Introduction and PCI Data Security Standard Overview
Role of Security and Penetration Testers
Vulnerability assessment
Various cyber security laws
Penetration testing

Various aspects of Information Security

Information security attacks
OS attacks
Application level attacks
Phases and Concepts of Hacking
Information Security Law and Standards

System Hacking

What is System Hacking
Goals of System Hacking
Understanding the certified ethical hacker methodology
About Kali Linux
Hands On

Technology Standards

Introduction to F5 Technology and Terms
POS (Point of Sale ) , mPoS
What is GLBA Compliance
OWASP
Site monitoring Tools
Introduction to PCI DSS Standard

Semantics and Introduction to Footprinting

What is Semantics
Fuzzy Logic
Footprinting

Threats

Types of Threats
Threats against the Application
Threat modelling
Hands on

Threat modelling

Threat modelling with STRIDE model
Ways to Find Security Issues
Penetration Testing Tools
Modelling Models – Whiteboard Diagrams, Brainstorming, Structured Diagrams etc.
Trust Boundaries
Threat Trees
DREAD Model

Example of Attack

Vulnerability Scanning Tools

OpenVAS
Wapiti
Burp Suite Community
Metasploit

Threat Modelling with Different models

Various Threat Models
PASTA Model in Depth

Advanced concepts like network packet analysis

Network scanning
How to scan the network, overview of scanning
WireShark
Sniffing attacks
File Signature

Got a question for us? Please mention it in the comments section and we will get back to you.

577