¨redirects traffic by sending false
DNS information
to victim
¨Attacker initially activates
arpspoof and dnsspoof
¨When victim tries to browse a web
site, a DNS query is sent but the attacker sends a poisoned DNS
response
¨Victim unknowingly communicates with
another
web server
¨