ARP is the address Resolution Protocol which is used to convert ip into mac address . Arp packets are intercepted to send the data to attackers machine . Working of ARP is discussed in the previous chapter. An attacker can exploit arp poisoning in order to intercept or perform sniffing attack in a network . When the switch is flooded using mac flooding arp tables can be spoofed , due to flooding the switch is in forward mode so that sniffing can be performed easily.