Jump to content

ARP cache

From Wikipedia, the free encyclopedia
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

An ARP cache[1] is a collection of Address Resolution Protocol entries (mostly dynamic), that are created when an IP address is resolved to a MAC address (so the computer can effectively communicate with the IP address).[2]

An ARP cache has the disadvantage of potentially being used by hackers and cyberattackers (an ARP cache poisoning attack). An ARP cache helps the attackers hide behind a fake IP address.[1] Beyond the fact that ARP caches may help attackers, it may also prevent the attacks by "distinguish[ing] between low level IP and IP based vulnerabilities".[3]

References

  1. ^ a b Moon, Daesung; Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk (2016-05-01). "RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks". The Journal of Supercomputing. 72 (5): 1740–1756. doi:10.1007/s11227-014-1353-0. ISSN 0920-8542. S2CID 255069126.
  2. ^ "Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic". TechRepublic. 12 May 2011. Retrieved 2017-07-14.
  3. ^ Daniels, Thomas E.; Spafford, Eugene H. (1999-01-01). "Identification of host audit data to detect attacks on low-level IP vulnerabilities". Journal of Computer Security. 7 (1): 3–35. CiteSeerX 10.1.1.26.5458. doi:10.3233/jcs-1999-7102. ISSN 0926-227X.
Stub icon

This computer networking article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=ARP_cache&oldid=1236036097"