ARP cache

An ARP cache^[1] is a collection of Address Resolution Protocol entries (mostly dynamic), that are created when an IP address is resolved to a MAC address (so the computer can effectively communicate with the IP address).^[2]

An ARP cache has the disadvantage of potentially being used by hackers and cyberattackers (an ARP cache poisoning attack). An ARP cache helps the attackers hide behind a fake IP address.^[1] Beyond the fact that ARP caches may help attackers, it may also prevent the attacks by "distinguish[ing] between low level IP and IP based vulnerabilities".^[3]

References[edit]

^ ^a ^b Moon, Daesung; Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk (2016-05-01). "RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks". The Journal of Supercomputing. 72 (5): 1740–1756. doi:10.1007/s11227-014-1353-0. ISSN 0920-8542. S2CID 255069126.
^ "Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic". TechRepublic. 12 May 2011. Retrieved 2017-07-14.
^ Daniels, Thomas E.; Spafford, Eugene H. (1999-01-01). "Identification of host audit data to detect attacks on low-level IP vulnerabilities". Journal of Computer Security. 7 (1): 3–35. CiteSeerX 10.1.1.26.5458. doi:10.3233/jcs-1999-7102. ISSN 0926-227X.

This computer networking article is a stub. You can help Wikipedia by expanding it.

[RTNSS-1] Moon, Daesung; Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk (2016-05-01). "RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks". The Journal of Supercomputing. 72 (5): 1740–1756. doi:10.1007/s11227-014-1353-0. ISSN 0920-8542. S2CID 255069126.

[2] "Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic". TechRepublic. 12 May 2011. Retrieved 2017-07-14.

[3] Daniels, Thomas E.; Spafford, Eugene H. (1999-01-01). "Identification of host audit data to detect attacks on low-level IP vulnerabilities". Journal of Computer Security. 7 (1): 3–35. CiteSeerX 10.1.1.26.5458. doi:10.3233/jcs-1999-7102. ISSN 0926-227X.

[1]

[2]

[3]