Attacks & Threats
ARP Spoofing
Also known as: ARP poisoning, ARP cache poisoning
Definition
A local-network attack that sends forged ARP messages to bind the attacker's MAC address to another host's IP, redirecting traffic through the attacker.
Examples
- An attacker on a corporate Wi-Fi tricking laptops into routing traffic through their laptop to harvest credentials.
- Using Ettercap or arpspoof to perform a man-in-the-middle attack on an unencrypted protocol.
Related terms
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
MAC Spoofing
Changing a network interface's hardware MAC address to impersonate another device, bypass MAC-based access controls, or evade tracking.
Session Hijacking
An attack that takes over a victim's authenticated session by stealing or forging the session identifier so the attacker can act as the user without their credentials.
SSL Stripping
A man-in-the-middle attack that silently downgrades a victim's HTTPS connection to plain HTTP so the attacker can read and modify the traffic.
Network Segmentation
Network Segmentation — definition coming soon.
DNS Spoofing
An attack that injects falsified DNS responses to redirect victims from a legitimate domain to an attacker-controlled IP address.