Switched Ethernet does not allow direct sniffing
ARP flooding and ARP cache poisoning can be used to bypass this protection
ARP flooding
Ethernet Switches maintain a table that maps between MAC addresses and ethernet ports
Flooding the switch with bogus MAC addresses will overflow table memory and revert the behavior from “switch” to “hub”
ARP cache poisoning
Send a spoofed ARP reply to node A telling that IPB is associated with your own MAC address
Do the same to node B… tell that IPA is associated with your MAC address
Both A and B will send messages to you thinking that they are sending it to each other… the switch will not know anything