I came across an infosec presentation from a conference which discussed how ICMP packets can be used to compromise a connection between two machines. More specifically, they described the process as:
The attacker can forge spoofed ICMP packets to force the host to make an ARP request. As a response, an illegitimate ARP replay is generated and effectively routes the victim’s traffic to the attacker’s machine.
But it is not clear to me how this works and how the attacker exactly would be able to compromise the connection. Could you please explain this further? Additionally, why would someone use this approach?