September 2017
Beginner to intermediate
436 pages
12h 33m
English
An attacker can send a gratuitous ARP packet (an ARP reply sent without first receiving an ARP request) with a spoofed source address, causing the default gateway or another host to learn the spoofed address and store it in its ARP table. The ARP protocol (RFC 826) creates an entry for any such malicious host without performing any type of authentication or filtering. This behavior leaves the network vulnerable to spoofing attacks that let the attacker receive frames intended for another user. This can be prevented by blocking all user-to-user communication with the switchport protected command, which allows users to talk only to the gateway and not to each other on the network. We will discuss this in more detail in the ...