A method of intercepting packets in a TCP/IP network by sending a false address resolution protocol (ARP) message into the network. In order to accomplish this, the attacker must have access to the local network. The false ARP message generally redirects traffic to the perpetrator's computer, which is used to view or modify the network packets in some manner. See
ARP,
ARP cache and
man-in-the-middle attack.