In this chapter you will learn about
• IP address spoofing
• Network traffic sniffing
• ARP and DNS cache poisoning
• SSL/TLS and SSH attacks
• Session hijacking
• Using tools like hping3, Ettercap, Bettercap, and Arpspoof
Attackers love capturing network traffic because it often gives them all they need to access resources. If no encryption is applied, account credentials, credit card information, Social Security numbers, and other sensitive data can be captured and give the attacker a very easy win. Sometimes that happens passively (just by intercepting traffic) or often actively (entailing some type of interaction with the network). ARP, DNS, and SSL attacks are very common, along with session hijacking, ...