1ARPSPOOF(8) System Manager's Manual ARPSPOOF(8)
2
6 arpspoof - intercept packets on a switched LAN
7
9 arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host
10
12 arpspoof redirects packets from a target host (or all hosts) on the LAN
13 intended for another host on the LAN by forging ARP replies. This is
14 an extremely effective way of sniffing traffic on a switch.
15 Kernel IP forwarding (or a userland program which accomplishes the
17 same, e.g. fragrouter(8)) must be turned on ahead of time.
18
20 -i interface
21 Specify the interface to use.
22 -c own|host|both
24 Specify which hardware address t use when restoring the arp con‐
25 figuration; while cleaning up, packets can be send with the own
26 address as well as with the address of the host. Sending packets
27 with a fake hw address can disrupt connectivity with certain
28 switch/ap/bridge configurations, however it works more reliably
29 than using the own address, which is the default way arpspoof
30 cleans up afterwards.
31 -t target
33 Specify a particular host to ARP poison (if not specified, all
34 hosts on the LAN). Repeat to specify multiple hosts.
35 -r Poison both hosts (host and target) to capture traffic in both
37 directions. (only valid in conjuntion with -t)
38 host Specify the host you wish to intercept packets for (usually the
40 local gateway).
41
43 dsniff(8), fragrouter(8)
44
46 Dug Song <dugsong@monkey.org>
47 ARPSPOOF(8)