What is ARP spoofing?
ARP spoofing (also known as ARP poisoning or ARP attack) is a technique in which a host in a LAN can "poison" the ARP table of another host causing it to send packets to the wrong destination.
The attacker can modify the trafic in the network such a way that it will redirect all traffic to go through it. The attacker can then forward the traffic to the right destination
or block it causing DoS attack on the victim.
How ARP spooing works?
The attacker send fake arp message to the victim causing it to update its ARP table with false entries.
The ARP attack works as follow:
1) The attacket send ARP messages to the victim with false updates
2) The victim update its ARP table with the attacker MAC address and the false IP address provided by the attacker
3) When the victim is ready to send data (Ping in our case) it will send it using mac address listed in its ARP Table (the attacker's)
ARP Spoofing/poising Animation
The attacker is constently sending false ARP messages to the victim causing it to update its ARP table.
When you ready to send Ping, watch closley where the ping goes.
