"MITM attack" stands for "Man In The Middle attack".
MITM attack is an active eavesdropping. It uses a seperate computer that accepts traffic from each party in a conversation and forwards the traffic between user and server. They both maintain ARP cache table which consists of IP address and MAC address. The data exchange takes place between system and server, the attacker eavesdrop and corrupts ARP cache table of both the user and server by changing IP and MAC addresses. So the attacker will appear as user to the server and appear as server to the user, this is called ARP poisoning. Now attacker controls entire conversation.
- always visit websites using HTTPS protocol will prevent attackers from intercepting data.
- adding static ARP entities into the cache is one method of mitigating ARP cahe poisoning. this method prevents attackers from using ARP requests and replies as the devices in the network will rely on the local cache instead.