Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
ARP spoofing
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Static ARP entries=== The simplest form of certification is the use of static, read-only entries for critical services in the [[ARP cache]] of a host. IP address-to-MAC address mappings in the local ARP cache may be statically entered. Hosts don't need to transmit ARP requests where such entries exist.<ref name="Lockhart-2007-p186">{{cite book|author=Lockhart, Andrew|title=Network security hacks|publisher=O'Reilly|year=2007|isbn=978-0-596-52763-1|page=[https://archive.org/details/networksecurityh02edunse/page/186 186]|url=https://archive.org/details/networksecurityh02edunse|url-access=registration}}</ref> While static entries provide some security against spoofing, they result in maintenance efforts as address mappings for all systems in the network must be generated and distributed. This does not scale on a large network since the mapping has to be set for each pair of machines resulting in ''n''<sup>2</sup>-''n'' ARP entries that have to be configured when ''n'' machines are present; On each machine there must be an ARP entry for every other machine on the network; ''n-1'' ARP entries on each of the ''n'' machines.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)