ARP cache poisoning

(redirected from ARP spoofing)
Also found in: Wikipedia.

ARP cache poisoning

A method of intercepting packets in a TCP/IP network by sending a false address resolution protocol (ARP) message into the network. In order to accomplish this, the attacker must have access to the local network. The false ARP message generally redirects traffic to the perpetrator's computer, which is used to view or modify the network packets in some manner. See ARP, ARP cache and man-in-the-middle attack.
References in periodicals archive ?
Dynamic ARP Inspection (DAI) inspects ARP packets, can prevent from ARP spoofing and ARP cache poisoning attacks, validate ARP packets, and discard invalid IP-to-MAC address bindings according to DHCP snooping or static DHCP binding, keep the MAC table correct.
In [6], the authors propose a way to detect anomalous events by analyzing the users' operation history of DLNA devices using ARP spoofing.
ARP spoofing is a technique where fake ("spoofed") ARP messages are sent onto a Local Area Network.
For advanced device-detection and policy-enforcement capabilities, the appliance protects against ARP spoofing, and enables session-specific policy creation and enforcement, open-port hardening and network-agnostic blocking.
He gives a summary of Unix and Windows host security, including basic tools and techniques, then covers privacy and anonymity that will use encryption and other methods to guard against such felonies as phishing, firewalls, including installing and using commercial firewall products, encryption and securing services, network security, including detecting ARP spoofing and tracking attackers, wireless security, logging, monitoring and trending, secure tunnels, network intrusion protection, recovery and response.
Like many IP devices, VoIP phones are vulnerable to ARP spoofing, allowing man-in-the-middle attacks and including data interception and packet injection.
In 2010, distribution methods involving ARP spoofing attacks, anti-spam detouring and copying well known software were all identified.
With the Layer 2 Firewall, wireless clients are protected from popular security breaches such as ARP spoofing, password sniffing, DHCP spoofing, and other malicious attacks commonly found in public wireless environments.
3) detects/blocks dual-homed connections, device impersonation, ARP spoofing attempts, and more.
Sourcefire NS utilizes several preprocessors to perform complex protocol analysis and normalization, detecting anomalies such as portscans, IP stack fingerprinting, Denial of Service (DoS) attacks and ARP spoofing.
Layer-2 Detection: Protects against MAC-level attacks, such as ARP spoofing and ARP poisoning.