Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Arp spoofing & dsniff

From: Dustin Trammell <DTrammell () PENSON COM>
Date: Mon, 13 May 2002 15:35:46 -0500
This is something I'd like to know: Is [Spoofing] the correct term for
this ARP modification technique? Would "ARP Poisoning" be a better or
correct one than 'spoofing'?.


Spoofing according to Merriam Webster means "to decieve". >

Technically arp-spoofing would be forging packets with the hardware
address of the host you are pretending to be.  

Arp Poisoning would involve you making the victim host believing that IP
Address XXX.XXX.XXX.XXX has MAC Address XX.XX.XX.XX.XX.XX

That I think should highlight the difference, but I do believe people
use the terms interchangably.


I believe that the reason most people use the terms interchangeably, is that
usually you are using arp-spoofing as the technique to allow poisoning of a
target's arp cache.  You can use arp-spoofing for other purposes, and you
can poison arp cache using other techniques, but the two used together as
described above is by far the most common discussed.

---
Dustin D. Trammell
Information Security Specialist
Penson Financial Services, Inc.



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: