Address Resolution Protocol
The Address Resolution Protocol (ARP) is a part of Media Access Control system in telecommunications. It is responsible for using the IP address to determine the MAC address of a network device. When an IP address must be reached, ARP broadcasts a request for the MAC address associated with it. Once the MAC address is returned, it is added to the local cache, so that the lookup can be skipped the next time that IP address is referenced. ARP functions across OSI levels two and three
ARP poisoning
A method of implementing a man-in-the-middle cyber attack is ARP poisoning. This involves the insertion of a fraudulent MAC address so that the client communicates with the wrong (usually hostile) host. Poisoning can be done at the time of request, but can be difficult to succeed at. The easier way by far to poison an ARP cache is to send out an unrequested message associating an IP address with a MAC address. These unsolicited ARP messages are almost always ignored by systems, as they should be, to maintain better security.[1]
