Engineering:ARP cache

An ARP cache^[1] is a collection of Address Resolution Protocol entries (mostly dynamic), that are created when an IP address is resolved to a MAC address (so the computer can effectively communicate with the IP address).^[2] The term can be used interchangeably with ARP table, although the latter is sometimes a distinct statically configured table.^[3]^[4]

An ARP cache has the disadvantage of potentially being used by hackers and cyberattackers (an ARP cache poisoning attack). An ARP cache helps the attackers hide behind a fake IP address.^[1] Beyond the fact that ARP caches may help attackers, it may also prevent the attacks by "distinguish[ing] between low level IP and IP based vulnerabilities".^[5]

References

↑ ^1.0 ^1.1 Moon, Daesung; Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk (2016-05-01). "RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks" (in en). The Journal of Supercomputing 72 (5): 1740–1756. doi:10.1007/s11227-014-1353-0. ISSN 0920-8542.
↑ "Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic" (in en). 12 May 2011. http://www.techrepublic.com/blog/windows-and-office/quick-tips-flush-the-arp-cache-in-windows-7/.
↑ "What Is Address Resolution Protocol (ARP)?". Fortinet. https://www.fortinet.com/resources/cyberglossary/what-is-arp. "The ARP cache is dynamic, but users on a network can also configure a static ARP table containing IP addresses and MAC addresses."
↑ "How ARP works". Aruba Networks. https://arubanetworking.hpe.com/techdocs/AOS-S/16.10/MRG/WB/content/common%20files/how-arp-wor4.htm. "A static entry enters the ARP cache from the static ARP table (which is a separate table)..."
↑ Daniels, Thomas E.; Spafford, Eugene H. (1999-01-01). "Identification of host audit data to detect attacks on low-level IP vulnerabilities" (in en). Journal of Computer Security 7 (1): 3–35. doi:10.3233/jcs-1999-7102. ISSN 0926-227X.

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/ARP cache. Read more

[RTNSS-1] 1.0 ^1.1 Moon, Daesung; Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk (2016-05-01). "RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks" (in en). The Journal of Supercomputing 72 (5): 1740–1756. doi:10.1007/s11227-014-1353-0. ISSN 0920-8542.

[2] "Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic" (in en). 12 May 2011. http://www.techrepublic.com/blog/windows-and-office/quick-tips-flush-the-arp-cache-in-windows-7/.

[3] "What Is Address Resolution Protocol (ARP)?". Fortinet. https://www.fortinet.com/resources/cyberglossary/what-is-arp. "The ARP cache is dynamic, but users on a network can also configure a static ARP table containing IP addresses and MAC addresses."

[4] "How ARP works". Aruba Networks. https://arubanetworking.hpe.com/techdocs/AOS-S/16.10/MRG/WB/content/common%20files/how-arp-wor4.htm. "A static entry enters the ARP cache from the static ARP table (which is a separate table)..."

[5] Daniels, Thomas E.; Spafford, Eugene H. (1999-01-01). "Identification of host audit data to detect attacks on low-level IP vulnerabilities" (in en). Journal of Computer Security 7 (1): 3–35. doi:10.3233/jcs-1999-7102. ISSN 0926-227X.

[1]

[2]

[3]

[4]

[5]

Anonymous

Search

Engineering:ARP cache

Namespaces

More

Page actions

References

Navigation

Navigation

Resources

Help

googletranslator

Navigation

Wiki tools

Wiki tools

Anonymous

Search

Engineering:ARP cache

References

Navigation

Wiki tools

Page tools

Other projects

Categories