Writing the I am Tool
Now we can create our first tool using libnet. To provide an introduction to libnet, we are going to demonstrate how to write a simple tool for automating a network security attack known as Address Resolution Protocol (ARP) poisoning.
This tool, called I am, sends ARP Reply packets to locally networked hosts claiming to be the host at a certain IP address. This is an integral part of an ARP poisoning attack, in that it can allow an attacker on a local network to redirect traffic through the host, and therefore intercept, modify, or observe traffic flowing on the network.
The I am tool, like most libnet tools, has functionality that can be categorized into the following areas:
Initializing the session
Building the protocol blocks
Sending the packet
Closing down gracefully
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
