ARP is a very simple protocol without any authentication or other inbuilt security mechanisms, and so it is vulnerable to attack. A malicious user within the network can use ARP as a means of ARP poisoning to eavesdrop, or can use ARP sweeping for denial-of-service (DoS) attacks. In this section, we will discuss different ARP-based attacks and how to use Wireshark to detect them.