For your information:
Before two devices on the same network can communicate, each must first learn the MAC address (the physical address) of the other. This is the job of the ARP protocol. Its primary function is to send an ARP request asking for the MAC address that belongs to the IP address the sender wants to communicate with. The request is broadcast on the network until it reaches the desired IP. When it arrives at its intended destination, that device responds with its MAC address in an ARP reply, but this time the response is different: it is unicast. Once this exchange completes successfully, the devices start communicating.
How to attack?
The idea behind the attack is often one of the simplest steps in the hacking process. Once the response is received, the MAC address and the IP address are stored in a table called the ARP table, so that later access is easier. This entry is usually temporary and is lost as soon as the device is shut down. From here the attacker starts his attack: he simply sends a forged ARP reply to a device on the network, as if it answered an ARP request issued by that same device. The targeted device then starts sending its data to the hacker as though he were the router, so all of its data traffic passes through him.
Thus, the hacker has turned his device into what is known as a man in the middle (MITM).
Here's the picture to illustrate:
A simplified explanation of the above:
Your device is connected to the router, and the router is connected to the Internet. Your device sends a request to visit a specific site, the router connects to the site, and the site responds. With ARP spoofing in place, the attacker's device acts as a spy at two stages: first at the moment you pass your request to the router, and last when the router sends you the response. It now works as a spying tool and sees everything that goes on between you and the router, very smoothly.
The tools used in Arp-Spoofing and MITM?
Many tools are used in this attack, but the most famous are DNS Sniff, Ettercap, and NetCut, although NetCut does not execute the MITM attack itself and only changes the gateway. Be aware that these programs do not require a high level of expertise to use.
How to protect your computer from these attacks?
The best way to protect your computer from these attacks is to set a static ARP entry for the gateway on public or open networks, or to use specialized software to change your MAC address before connecting to suspicious or public networks.
However, if you are trying to connect to a remote server, you must use SSH. It provides you with complete confidentiality of your data. There are also some programs that enable you to monitor and track your network, including XARP and Snort, which track the mapping changes that occur in the ARP cache.