Based on the title (ARP and STP Attacks), this presentation likely focuses on the vulnerabilities and exploitation techniques involving the Address Resolution Protocol (ARP) and Spanning Tree Protocol (STP) . Key Features of ARP and STP Attacks
: Validates ARP packets on the network to prevent spoofing.
: Automatically disables a port if it receives an STP BPDU, preventing unauthorized devices from influencing the STP topology.
: Prevents a port from becoming a root port, ensuring the Root Bridge remains on a trusted core switch.
: While often associated with switches, this attack fills a switch's CAM table with fake MAC addresses, forcing it to act like a hub and broadcast all traffic to every port, where an attacker can sniff it. Common Mitigations
: Both protocols can be exploited to cause Denial of Service (DoS) . For example, flooding a network with ARP requests can overwhelm device tables, while STP loops (caused by disabled or misconfigured STP) can create broadcast storms that crash the network.
: Attackers send falsified ARP messages to a local network to link their MAC address with the IP address of a legitimate server or gateway. This allows them to intercept, modify, or stop data in transit, often facilitating Man-in-the-Middle (MitM) attacks.
