arpspoof - intercept packets on a switched LAN

       Dug Song <dugsong@monkey.org>

                                                                                                     ARPSPOOF(8)

arpspoof  redirects packets from a target host (or all hosts) on the LAN intended for another host on the
       LAN by forging ARP replies.  This is an extremely effective way of sniffing traffic on a switch.

       Kernel IP forwarding (or a userland program which accomplishes the  same,  e.g.  fragrouter(8))  must  be
       turned on ahead of time.

       arpspoof - intercept packets on a switched LAN

-iinterface
              Specify the interface to use.

       -cown|host|both
              Specify  which  hardware  address  t  use when restoring the arp configuration; while cleaning up,
              packets can be send with the own address as well as with the address of the host. Sending  packets
              with  a  fake  hw  address  can disrupt connectivity with certain switch/ap/bridge configurations,
              however it works more reliably than using the own address,  which  is  the  default  way  arpspoof
              cleans up afterwards.

       -ttarget
              Specify  a  particular  host  to  ARP  poison  (if not specified, all hosts on the LAN). Repeat to
              specify multiple hosts.

       -r     Poison both hosts (host and target) to  capture  traffic  in  both  directions.   (only  valid  in
              conjuntion with -t)

       host   Specify the host you wish to intercept packets for (usually the local gateway).

dsniff(8), fragrouter(8)

arpspoof [-iinterface] [-cown|host|both] [-ttarget] [-r] host