Enhancing Network Security: ARP Spoofing Detection and Mitigation Using Ettercap and SSH-Based Defenses
摘要
ARP is an important IPv4 network protocol for mapping 32-bit IP addresses to MAC addresses for local communication but lacks authentication and therefore can be susceptible to ARP spoofing. The article provides a real-world example of how ARP spoofing can be demonstrated using Ettercap in a test environment, whereby victim ARP tables were successfully tampered with in order to divert network traffic. Experiment results validate the possibility of such attacks by intercepting sensitive information and highlighting the risks involved. To counter these vulnerabilities, an SSH-based security strategy was devised to provide secure data transfer between devices. Our results were validated by encrypted traffic logs that show SSH to effectively stop unauthorized packet sniffing during file transfers. The research highlights the necessity of integrating encryption protocols in order to improve network security.