ARP spoofing (also known as ARP poisoning) is a technique whereby an attacker sends fake “spoofed” Address Resolution Protocol (ARP) packets onto a Local Area Network (LAN). The purpose of this attack is to associate the attacker's MAC address with the IP address of another host (such as a default gateway), causing any traffic that is meant for that IP address to be sent to the attacker instead.

ARP spoofing may allow an attacker to intercept data frames on a LAN, modify the traffic, or stop the traffic altogether. Often the attack is used as an opening for other attacks such as denial of service, man in the middle or session hijacking attacks.

The attack can only be used on networks that make use of the Address Resolution Protocol (ARP) and is limited to local network segments.

This Example

I will be using Kali Linux version 1.0 as the attacker.

Forward Linux Traffic

Should this be used as a denial of service attack, you won’t need to run this: all traffic will hit the Linux box and terminate there, causing services not to run.

Should this be used as a man in the middle attack, you will need to forward all traffic to the defined gateway.

Temporarily Forward Traffic

echo "1" > /proc/sys/net/ipv4/ip_forward

Permanently Forward Traffic

vi /etc/sysctl.conf
Uncomment the following line

ARP Spoofing

You should have two ARP attacks running, one against the target computer and one against the gateway for returning traffic.

arpspoof -i eth0 -t
arpspoof -i eth0 -t

Hold down Ctrl and press “C” to stop the attacks. Two ARP packets will be sent after termination to set the ARP table on the computer or router back to how it should be.


Only use this on devices you either own or have authorisation to use it on.

Man in the Middle

  • You can use tools such as Wireshark to capture and analyse packets
  • SSL traffic needs to be stripped before viewing; you can use the following tool: SSLStrip

