「arpspoof」

  CREATED BY JENKINSBOT

NAME

arpspoof – intercept packets on a switched LAN

SYNOPSIS

arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host

DESCRIPTION

arpspoof redirects packets from a target host (or all hosts) on the LAN

intended for another host on the LAN by forging ARP replies. This is

an extremely effective way of sniffing traffic on a switch.

Kernel IP forwarding (or a userland program which accomplishes the

same, e.g. fragrouter(8)) must be turned on ahead of time.

OPTIONS

-i interface: 接口
Specify the interface to use.

-c own|host|both:C-c退出时,使用的地址;
Specify which hardware address t use when restoring the arp configuration;

while cleaning up, packets can be send with the own address as well as with the address of the host.

Sending packets with a fake hw address can disrupt connectivity with certain switch/ap/bridge configurations,

however it works more reliably than using the own address, which is the default way arpspoof cleans up afterwards.

-t target:要毒化的主机;
Specify a particular host to ARP poison (if not specified, all hosts on the LAN).

Repeat to specify multiple hosts.

-r:要与-t连用,默认情况下只毒化target,-r双向毒化;
Poison both hosts (host and target) to capture traffic in both directions.

(only valid in conjuntion with -t)

host:要伪装的主机、被攻击的主机;
Specify the host you wish to intercept packets for (usually the local gateway).

SEE ALSO

dsniff(8), fragrouter(8)