9.3.3 - Poison ARP

These flashcards cover key concepts, terms, and processes related to man in the middle attacks, especially using Ettercap and ARP poisoning.

Man in the Middle Attack

A type of cyber attack where the hacker positions themselves between a victim and a target machine to intercept, manipulate, or inject traffic.

ARP Poisoning

A technique used in man in the middle attacks to send fake ARP messages on a local network, associating the attacker's MAC address with the IP address of the legitimate device.

Ettercap

A network security tool used for man-in-the-middle attacks on LAN; it can capture and inject data into network traffic.

HTTP vs HTTPS

HTTP is a protocol for transferring data over the internet, while HTTPS is its secure version, using SSL/TLS to encrypt the data between client and server.

Traffic Interception

The act of capturing and reading data being transmitted over a network.

Credential Capture

The process of recording a user's credentials, such as usernames and passwords, typically without their consent for malicious purposes.

Unified Sniffing

A mode in Ettercap that allows you to capture all traffic on a network, ensuring you see communications between the victim and other devices.

Victim Machine

The target device in a man in the middle attack that the attacker aims to capture information from.

Nmap

A network scanning tool that can discover hosts and services on a computer network by sending packets and analyzing the responses.

Sniffing and Spoofing

Techniques used in network attacks; sniffing refers to capturing packets of data, while spoofing involves impersonating another device on the network.