be used for work. The InARP protocol is implemented as an extension to ARP and uses the
same packet format as ARP, but with different operational codes.
RARP (Reverse Address Resolution Protocol) also translates OSI Layer 2 addresses to Layer.
In this protocol; however, instead of requesting the Layer 3 address from another node,
RARP was used to obtain the Layer 3 address of the requesting station for address
configuration purposes. It has since been superseded byBOOTP that was replaced by DHCP
(Dynamic Host Configuration Protocol).
How Does ARP Spoofing Work?
A security flaw with the ARP system, is that the protocol was not designed to provide a
means of authentication for ARP replies on a LAN or network. In ARP spoofing, the device or
person conducting the spoofing will answer real ARP requests with the aim of interception.
The technique can be used to conduct a denial of service attack against users on the
network or conduct a ―man-in-the-middle‖ attack. In each of these attacks, software is
normally installed on a node in the local network with the access to receive and provide
false responses to ARP requests. The ―man-in-the-middle‖ attack consists of a hacker using
ARP spoofing to receive network traffic intended for your computer to his or hers. Combined
with IP forwarding, the hacker can send the information destined for your computer to you
as well as outgoing traffic in order to collect as much information as possible. In the mean-
time, private data such as email, banking, and Facebook logins and passwords can be
collected and used for identity theft or other nefarious means.
Although static ARP entries can combat a network’s susceptibility to a spoofing attack that
results in ARP cache poisoning, network administrators will typically rely on software
solutions to detect and isolate network nodes suspected of conducting these attacks. When
recovering from an attack, the ARP cache is typically cleaned on network computers and/or
devices as required to remove the faulty information that may still be stored.
What Are the Alternatives to ARP?
One alternative to ARP is for each computer on a network to maintain an individual table
with the mappings of the IP addresses (OSI Model Layer 3) to MAC addresses (OSI Model
Layer 2). This practice was more common on older computers
when network broadcast packets were considered too heavy-weight to expend on
exchanging the address mapping information. Today, all modern computers rely on ARP
network packet exchange and communication to maintain the network address mappings.