ARPSPOOF(8)ARPSPOOF(8)NAMEarpspoof - intercept packets on a switched LAN
SYNOPSISarpspoof [-i interface] [-c own|host|both] [-t target] [-r] host
DESCRIPTIONarpspoof redirects packets from a target host (or all hosts) on the LAN
intended for another host on the LAN by forging ARP replies. This is
an extremely effective way of sniffing traffic on a switch.
Kernel IP forwarding (or a userland program which accomplishes the
same, e.g. fragrouter(8)) must be turned on ahead of time.
OPTIONS-i interface
Specify the interface to use.
-c own|host|both
Specify which hardware address t use when restoring the arp con‐
figuration; while cleaning up, packets can be send with the own
address as well as with the address of the host. Sending packets
with a fake hw address can disrupt connectivity with certain
switch/ap/bridge configurations, however it works more reliably
than using the own address, which is the default way arpspoof
cleans up afterwards.
-t target
Specify a particular host to ARP poison (if not specified, all
hosts on the LAN). Repeat to specify multiple hosts.
-r Poison both hosts (host and target) to capture traffic in both
directions. (only valid in conjuntion with -t)
host Specify the host you wish to intercept packets for (usually the
local gateway).
SEE ALSOdsniff(8), fragrouter(8)AUTHOR
Dug Song <dugsong@monkey.org>
ARPSPOOF(8)