What does ARP mean?

What does ARP mean?

ARP (Address Resolution Protocol), that is, Address Resolution Protocol, is a TCP/IP protocol that obtains a physical address based on an IP address. It can solve the mapping problem of IP address and MAC address of the host or router in the same LAN.

When the host sends information, it broadcasts the ARP request containing the target IP address to all hosts on the network, and receives the return message to determine the physical address of the target; after receiving the return message, the IP address and the physical address are The address is stored in the local ARP cache and retained for a certain period of time. The ARP cache is directly queried on the next request to save resources.

The ARP command can be used to query the correspondence between IP addresses and MAC addresses in the local ARP cache, add or delete static correspondence, etc. Relevant protocols include RARP and proxy ARP. NDP is used to replace Address Resolution Protocol in IPv6.

ARP spoofing (security risk)

The arp protocol (Address Resolution Protocol) is based on mutual trust between hosts in the network. Hosts on the network can Automatically sends ARP response messages. When other hosts receive the response messages, they will not detect the authenticity of the message and will record it in the local ARP cache.

In this way, the attacker can send a fake ARP reply message to a certain host, so that the information sent cannot reach the expected host or reaches the wrong host, which constitutes an ARP spoofing.

ARP spoofing can cause the target computer to fail to communicate with the gateway, and can also cause communication to be redirected. All data will pass through the attacker's machine, so there is a huge security risk.

The above is the detailed content of What does ARP mean?. For more information, please follow other related articles on the PHP Chinese website!