DNS is what maps a friendly website name like `www.google.com` to a number that computers can understand, like `216.58.223.196`. In other words, we can describe DNS as the phonebook of the internet.

When you want to visit a website on the internet, like your favorite streaming website, i.e., Netflix, you type in `www.netflix.com`. However, the browser does not understand that because computers identify one another via numbers (called IP addresses). The browser needs a way to know the IP address that `www.netflix.com` is associated with. That's where DNS comes in. DNS associates `www.netflix.com` with its IP address.

The Mitnick attack is also a TCP session hijacking attack, but it is not like your regular TCP session highjack. While the regular TCP session highjack involves highjacking a TCP session that already exists between two hosts i.e. host A and host B, the Mitnick attack is responsible for creating a TCP session between two hosts i.e. host A and host B and then highjacks the session.

To understand TCP attacks, you have to, first of all, understand how TCP works. TCP is a connection-oriented protocol. This simply means that before two hosts that want to exchange information begin the information exchange, both hosts must ascertain that they can in fact talk to one another.

An ICMP redirect is an error message sent by a router to the sender of an IP packet. The purpose of this error message is to inform the sender of the IP packet that there is a better route it can use to reach its destination. While this is a neat feature, attackers can take advantage of this feature to redirect a machine’s network traffic to a rouge router and sniff such traffic.

When a computer wants to send data within a network (not across i.e. via a router), it usually makes use of the NIC MAC address to send such data. Every computer keeps a record of IP-to-MAC-address mapping. This is called the ARP cache. It is through the help of the ARP cache that the computer knows which NIC to send data meant for a particular IP address. A computer populates (stores an entry) its ARP cache when it receives an arp request.