From: Dustin Trammell (DTrammell@PENSON.COM)
Date: Mon May 13 2002 - 16:35:46 EDT
>> This is something I'd like to know: Is [Spoofing] the correct term for
>> this ARP modification technique? Would "ARP Poisoning" be a better or
>> correct one than 'spoofing'?.
>
>Spoofing according to Merriam Webster means "to decieve". >
>
>Technically arp-spoofing would be forging packets with the hardware
>address of the host you are pretending to be.
>
>Arp Poisoning would involve you making the victim host believing that IP
>Address XXX.XXX.XXX.XXX has MAC Address XX.XX.XX.XX.XX.XX
>
>That I think should highlight the difference, but I do believe people
>use the terms interchangably.
I believe that the reason most people use the terms interchangeably, is that
usually you are using arp-spoofing as the technique to allow poisoning of a
target's arp cache. You can use arp-spoofing for other purposes, and you
can poison arp cache using other techniques, but the two used together as
described above is by far the most common discussed.
--- Dustin D. Trammell Information Security Specialist Penson Financial Services, Inc. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT