Vulnerabilities of The Address Resolution Protocol
The Address Resolution Protocol (ARP) is a widely used protocol for resolving network layer addresses into link layer addresses.
When an Internet Protocol (IP) datagram is sent from one host to another on a local area network, the destination IP address must be converted into a MAC address for transmission via the data link layer. When another host's IP address is known, and its MAC address is needed, a broadcast packet is sent out on the local network. This packet is known as an ARP request. The destination machine with the IP in the ARP request then responds with an ARP reply, which contains the MAC address for that IP.
ARP is a stateless protocol. Network hosts will automatically cache any ARP replies they receive, regardless of whether or not they requested them. Even ARP entries which have not yet expired will be overwritten when a new ARP reply packet is received. There is no method in the ARP protocol by which a host can authenticate the peer from which the packet originated. This behavior is the vulnerability which allows ARP spoofing to occur.
Read more about this topic: ARP Spoofing
Famous quotes containing the words address and/or resolution:
“Patience, to hear frivolous, impertinent, and unreasonable applications: with address enough to refuse, without offending; or, by your manner of granting, to double the obligation: dexterity enough to conceal a truth, without telling a lie: sagacity enough to read other people’s countenances: and serenity enough not to let them discover anything by yours; a seeming frankness, with a real reserve. These are the rudiments of a politician; the world must be your grammar.”
—Philip Dormer Stanhope, 4th Earl Chesterfield (1694–1773)
“[A]s I am pretty well acquainted by great Opportunities with the Nature of Man, and know of a Truth, that all Men fight against their Will, the Danger vanishes, and Resolution rises upon this Subject. For this Reason I shall talk very freely on a Custom which all Men wish exploded, tho’ no Man has Courage enough to resist it.”
—Richard Steele (1672–1729)