There are at least 3 devices on a network: Alice, IP address: 192.168.0.7, MAC Address: 00:00:00:00:00:00:00:07ARP table entries:192.168.0.1 00:00:00:00:00:00:00:01220.127.116.11 00:00:00:00:00:00:00:06 Bob, IP address: 192.168.0.1, MAC Address: 00:00:00:00:00:00:00:01ARP table entries:192.168.0.7 00:00:00:00:00:00:00:0718.104.22.168 00:00:00:00:00:00:00:06 Eve, IP address: 192.168.0.6, MAC Address: 00:00:00:00:00:00:00:06ARP table entries:192.168.0.1 00:00:00:00:00:00:00:0122.214.171.124 00:00:00:00:00:00:00:07Eve is evil. She wants to intercept and read the message traffic that is going between Alice and Bob. To do this: Eve sends a gratuitous (unsolicited) ARP ACK packet to Bob mapping Alice’s IP address (192.168.0.7) to Eve’s MAC address (00:00:00:00:00:00:00:06). Bob updates his ARP table with the new mapping. Eve sends a gratuitous ARP ACK packet to Alice mapping Bob’s IP address (126.96.36.199) to Eve’s MAC address. Alice updates here ARP table with the new mapping. Then, when Bob sends a message to Alice, he looks up the associated MAC address in the ARP table that matches Alice’s IP address. Since the mappings have been updated, he sends the message to Eve. Eve still has the original ARP mappings, so she can then read the message and forward it on to Alice (if she chooses to do so). The same process occurs when Alice wants to send a message to Bob.