ARP Spoofing

ARP spoofing (or ARP poisoning) is a local network attack where an attacker sends fake ARP (Address Resolution Protocol) messages to associate their MAC address with a legitimate IP address, enabling man-in-the-middle attacks on the local network. This allows the attacker to intercept, modify, or stop traffic in transit. ARP spoofing can be used to steal credentials on unencrypted protocols or to intercept HTTPS traffic in combination with SSL stripping. Dynamic ARP Inspection (DAI) on managed switches prevents this attack.

Why it matters for your website

• 1Can result in traffic interception, phishing attacks using your domain, or service disruption
• 2Often discovered and exploited before organizations notice
• 3Preventable with proper monitoring and defensive DNS configuration