ARP poisoning attack
- This application demonstrates an attack that poisons the ARP table (Wikipedia)
on a victim machine, misleading it about the identity of the server it is communicating with.
- Using such an attack, a hacker could potentially gain access to network traffic between a user's machine and a remote server.
- In this demonstration, three Unix-based containers with terminal access will be created for you; one each for the server, victim and hacker.
- The hacker container comes preloaded with the arpspoof application that you will need to run to start the attack.
- During the course of the attack, you will be able to monitor both the network traffic between the victim and server
and the contents of the ARP tables on these three machines
- Based on your understanding of ARP, you should be able to convince yourself that the hacker has indeed injected itself into the victim's ARP
tables, thus misleading it about the server's identity.
- Ready to go? Try It !
- Note: You will have around 20 minutes to test this application.