Tuesday, 19 April 2011

What is ARP Spoofing?


ARP stands for Address Resolution Protocol. ARP spoofing is a technique used to attack an Ethernet LAN (wired or wireless network). ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The attack can only be used on networks that make use of ARP and not another method of address resolution.

It is also known as ARP flooding, ARP poisoning, ARP cache poisoning or ARP Poison Routing (APR). The principle of ARP spoofing is to send fake, or "spoofed", ARP messages to an Ethernet LAN. Generally, the aim is to associate the attacker's MAC address with the IP address of another node (such as the default gateway). Any traffic meant for that IP address would be mistakenly sent to the attacker instead.

The attacker could then choose to forward the traffic to the actual default gateway (passive sniffing) or modify the data before forwarding it (man-in-the-middle attack). The attacker could also launch a denial-of-service attack against a victim by associating a nonexistent MAC address with the IP address of the victim's default gateway.

ARP spoofing attacks can be run from a compromised host or from an attacker's machine that is connected directly to the target Ethernet segment. A successful ARP spoofing attempt is invisible to the user.
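
The changed IP-to-MAC association described above can be spotted by tracking the sender fields of ARP packets seen on the segment. The following Python sketch is an added example, not part of the original post or of arpspoof; the function names, the addresses and the sample frames are constructed for illustration.

```python
import struct

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":   # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):  # Ethernet + IPv4 only
        return None
    mac = ":".join(f"{b:02x}" for b in frame[22:28])     # sender hardware address
    ip = ".".join(str(b) for b in frame[28:32])          # sender protocol address
    return op, mac, ip

def find_conflicts(frames, baseline=None):
    """Return (frame_index, ip, expected_mac, claimed_mac) for every ARP packet
    whose sender MAC contradicts a pinned or previously learned binding."""
    pinned = dict(baseline or {})   # bindings verified by an admin; never overwritten
    learned = {}                    # bindings observed on the wire so far
    alerts = []
    for index, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _, mac, ip = parsed
        expected = pinned.get(ip, learned.get(ip))
        if expected is not None and expected != mac:
            alerts.append((index, ip, expected, mac))
        if ip not in pinned:
            learned[ip] = mac
    return alerts

def build_arp(op, src_mac, src_ip, dst_mac, dst_ip):
    """Build a constructed sample frame (test data only, nothing is sent)."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    header = mac(dst_mac) + mac(src_mac) + b"\x08\x06"
    body = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return header + body + mac(src_mac) + ip(src_ip) + mac(dst_mac) + ip(dst_ip)

# Constructed sample: two legitimate replies, then a reply re-binding the gateway IP.
GW_MAC, HOST_MAC, ROGUE_MAC = "02:00:00:00:00:01", "02:00:00:00:00:10", "02:00:00:00:00:99"
SAMPLE = [
    build_arp(2, GW_MAC, "192.0.2.1", HOST_MAC, "192.0.2.10"),
    build_arp(2, HOST_MAC, "192.0.2.10", GW_MAC, "192.0.2.1"),
    build_arp(2, ROGUE_MAC, "192.0.2.1", HOST_MAC, "192.0.2.10"),
]

if __name__ == "__main__":
    for index, ip, old, new in find_conflicts(SAMPLE):
        print(f"frame {index}: {ip} moved from {old} to {new}")
```

Passing a baseline of verified bindings (for example the default gateway's real MAC address) lets the check flag a spoofed reply even when it is the first ARP packet observed.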


Arpspoof features

  • Supports both IPv4 address resolution and IPv6 Neighbor Discovery address resolution.
  • Platform-independent; it can now be run on Windows 2000/XP.
  • Adds an interface selection function to help the user choose the right interface.
    This is very useful in a Windows environment, because interface names there are
    very long and number-based, e.g. \Device\NPF_{50B9EDBA-4C63-49B4-902B-59FD53778EBE}.
    Although the program still allows users to specify the interface in its arguments, the
    name is very difficult to remember and very easy to get wrong.
  • Adds a cleanup function for Win32 systems.
    When the user stops arpspoof, arpspoof tells the target host the real MAC
    address of the victim host. Otherwise, the system has to wait longer
    until the corresponding ARP cache entry or neighbor cache entry times out.
  • When used for IPv6, arpspoof provides its own function to get the target MAC address.
    This allows arpspoof for IPv6 to run on operating systems without IPv6 support,
    e.g. Windows 2000.
  • Completely compatible with the arpspoof distributed in the dsniff package written by Dug Song <dugsong@monkey.org>.
  • Full source code provided.

Arpspoof distribution

  • Arpspoof is distributed as binaries and source code.

Arpspoof support reference

  • Report and track bugs using the SourceForge Tracker.

File comparison and merge tools

  • WinMerge is an Open Source visual text file differencing and merging tool for Win32 platforms. Features include: diff / merge, directory comparison, directory recursion, horizontal diff, Visual SourceSafe integration, and a simple integrated editor.
  • Araxis Merge is a very powerful commercial diff and merge program for Windows.
  • xxdiff has some nice features (horizontal diffs, recursive directory diffs). It runs on UNIX (IRIX, Linux, Solaris, HP/UX, DEC Tru64) and it's under GPL.
  • CSDiff is a free advanced file difference analysis tool for Windows 95/NT.
  • Guiffy is the quintessential cross-platform, visual source file / folder & tree, Compare/Merge utility and component. It's commercial and implemented in Java.
  • KDiff3 is a text diff and merge tool for KDE3 and MS-Windows distributed under GPL.
  • MacCvs has built-in support for using either CodeWarrior, BBEdit or FileMerge as external diff viewers and merge tools. However, it also allows driving any other external application either directly or via shell scripts and/or AppleScript.
  • Grig Software offers shareware tools for file compare/merge and directories/archives synchronization.
  • Beyond Compare from Scooter Software is a commercial advanced file and folder comparison utility which also allows visual comparison of binaries (in hex view) and images via plug-in.
  • Proxy-diff is a small Open Source tool that lets you use multiple external Diff tools from within WinCvs based on file extension. Also allows reformatting of input arguments.
  • Image Compare is a (very) simple Open Source tool for Windows which eases spotting differences in image files by offering three different views: side-by-side, stacked or overlaid (alpha-blended).



