Address Resolution Protocol (ARP)

ARP is a network protocol that maps IP addresses to MAC addresses, enabling communication on local networks. It is a key focus in cybersecurity due to vulnerabilities like ARP spoofing.

Address Resolution Protocol (ARP) is a network protocol operating at the link layer of the TCP/IP model (the data link layer, Layer 2, in OSI terms), responsible for dynamically mapping Internet Protocol (IP) addresses to their corresponding physical Media Access Control (MAC) addresses. When a device needs to communicate with another device on the same local network segment but only knows its IP address, it broadcasts an ARP request. The device with the matching IP address responds with its MAC address, allowing the sender to update its ARP cache and establish direct communication at the data link level.

From a cybersecurity perspective, ARP is a critical point of concern because it lacks built-in authentication mechanisms. This makes it vulnerable to attacks such as ARP spoofing (or ARP poisoning), where an attacker sends forged ARP messages to associate their MAC address with a legitimate IP address. This can enable man-in-the-middle attacks, traffic interception, and data manipulation. Securing ARP through techniques like Dynamic ARP Inspection (DAI), static ARP entries, and network segmentation is essential for maintaining the integrity of network communications and preventing unauthorized access at the foundational layer of network infrastructure.
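
The binding check behind defenses such as Dynamic ARP Inspection can be sketched in a few lines. The following is an added example, not code from the original page: it parses an Ethernet ARP frame and compares the sender's IP and MAC against a trusted table. The `TRUSTED` table, the finding labels, the `build` helper and all addresses (documentation ranges) are assumptions made for illustration.

```python
import socket
import struct

# Constructed trusted bindings (IP -> MAC), standing in for a switch's binding table.
TRUSTED = {"192.0.2.1": "00:00:5e:00:53:01", "192.0.2.10": "00:00:5e:00:53:0a"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_arp(frame):
    """Parse an Ethernet II frame carrying IPv4-over-Ethernet ARP; None if it is not one."""
    if len(frame) < 42:                       # 14-byte Ethernet header + 28-byte ARP body
        return None
    _dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:                   # EtherType for ARP
        return None
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_src": mac(src), "op": op, "sha": mac(sha), "spa": socket.inet_ntoa(spa)}

def inspect(frame, bindings=TRUSTED):
    """Return findings for one frame; an empty list means the sender fields are consistent."""
    arp = parse_arp(frame)
    if arp is None:
        return ["not-arp"]
    findings = []
    if arp["eth_src"] != arp["sha"]:          # Ethernet source disagrees with ARP sender MAC
        findings.append("eth-src-mismatch")
    expected = bindings.get(arp["spa"])
    if expected is None:                      # no trusted binding for the claimed IP
        findings.append("unknown-ip")
    elif expected != arp["sha"]:              # claimed IP is bound to a different MAC
        findings.append("binding-violation")
    return findings

def build(eth_src, sha, spa, tha, tpa, op=2):
    """Build a constructed ARP frame (op=2 is a reply) for the samples below."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (raw(tha) + raw(eth_src) + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, op)
            + raw(sha) + socket.inet_aton(spa) + raw(tha) + socket.inet_aton(tpa))

# Constructed samples: a consistent reply, and one claiming the gateway IP with another MAC.
LEGIT = build("00:00:5e:00:53:0a", "00:00:5e:00:53:0a", "192.0.2.10", "00:00:5e:00:53:01", "192.0.2.1")
FORGED = build("00:00:5e:00:53:66", "00:00:5e:00:53:66", "192.0.2.1", "00:00:5e:00:53:0a", "192.0.2.10")
```

A frame that produces any finding is one a switch enforcing such bindings would drop or log rather than forward.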