Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: Arp spoofing & dsniff

RE: Arp spoofing & dsniff

From: Dustin Trammell <DTrammell_at_PENSON.COM>
Date: Mon, 13 May 2002 15:35:46 -0500

>> This is something I'd like to know: Is [Spoofing] the correct term for
>> this ARP modification technique? Would "ARP Poisoning" be a better or
>> correct one than 'spoofing'?.
>
>Spoofing according to Merriam Webster means "to decieve". >
>
>Technically arp-spoofing would be forging packets with the hardware
>address of the host you are pretending to be.
>
>Arp Poisoning would involve you making the victim host believing that IP
>Address XXX.XXX.XXX.XXX has MAC Address XX.XX.XX.XX.XX.XX
>
>That I think should highlight the difference, but I do believe people
>use the terms interchangably.

I believe that the reason most people use the terms interchangeably, is that
usually you are using arp-spoofing as the technique to allow poisoning of a
target's arp cache. You can use arp-spoofing for other purposes, and you
can poison arp cache using other techniques, but the two used together as
described above is by far the most common discussed. 

---
Dustin D. Trammell
Information Security Specialist
Penson Financial Services, Inc.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on May 13 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]