Address Resolution Protocol (ARP) is the method for finding a host's Link
Layer (MAC) address when only its IP address is known. The ARP table is used
to maintain a correlation between each MAC address and its corresponding IP
address. The ARP table can be manually entered by the user. User entries are
not aged out.
With the same context, ARP Tables can also be used to detect Man in Middle
Attacks.
-
In Command Prompt or Terminal, based on your Operating System, type
ipconfig for Windows Users and ifconfig for MAC and Linux
Users. Note the Default Gateway IP Address. In our case, it is
10.0.2.1.
Windows Result
- Now type, arp -a and check if the MAC Address of Default Gateway is like any other IP. If yes, then the IP with which the MAC Address is the same as the Attacker.
-
Not under attack as the Default Gateway's MAC Address is not the same as
anyone.
-
Under Attack as the Default Gateway and the IP [10.0.2.60] has
the same MAC Address. So, the IP [10.0.2.60] is the
attacker.
Video Tutorial
We hope this helps. If any suggestions or doubts you can add a comment and
we will reply as soon as possible.
No comments:
Post a Comment