LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page arp spoofing- who's vulnerable?
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 12-25-2008, 10:21 PM   #1
abolishtheun
Member
 
Registered: Mar 2008
Posts: 183

Rep: Reputation: 31
arp spoofing- who's vulnerable?

OK, so ARP spoofing is when an attacker sends out fake ARP responses associating someone else's IP address with his own mac address, thereby receiving packets meant for someone else..

My question is: who exactly can the attacker spoof? ie, what is the "domain of vulnerability" for an ARP spoofing attack?

I figured that the attacker could impersonate anyone on the same subnet/behind the same router, because ARP requests are broadcasts; but I've also read that ARP spoofers can only mimic someone on the same segment/behind the same ethernet switch... which is correct? am I missing something?
 
Old 12-26-2008, 04:54 AM   #2
Berhanie
Senior Member
 
Registered: Dec 2003
Distribution: Fedora
Posts: 1,492

Rep: Reputation: 144Reputation: 144
When switches are involved, segments aren't shared (unless you connect a hub to a switch), so
it doesn't make sense to "mimic someone on the same segment". Also, switches forward broadcasts
(assuming a single VLAN), so potentially the entire subnet is vulnerable to arp spoofing.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange ARP behavior : A linux server responds to all ARP requests Hdvd21 Linux - Networking 3 05-07-2009 02:03 AM
need help : iptables problems? arp spoofing romeo_tango Linux - Security 5 03-12-2007 06:43 AM
"Arp spoofing" muppski Linux - Security 9 02-11-2006 04:05 AM
Disabling ARP probes after receiving an ARP request AltecLansingMan Linux - Networking 1 03-30-2004 01:25 PM
How to create an proxyarp entry in arp table by using arp command? himalayas Linux - Networking 0 06-04-2003 04:14 AM


All times are GMT -5. The time now is 12:59 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration