5.6. ARP Tables

Similar to routers, switches maintain ARP tables that map a logical address, such as an IP address, to a physical address, usually a MAC address. In a switched environment the ARP table is normally very static. The MAC address of a network card does not normally change, and the IP address associated with a machine will also remain relatively constant. Unfortunately, most switches are susceptible to ARP attacks, which can render a switch unusable or be used to gather information about the topology of a network.
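Because these bindings rarely change, a change is itself worth reviewing. The following added example (not from the book) compares two constructed snapshots laid out like Cisco IOS `show ip arp` output and reports changed, new and shared IP-to-MAC bindings. The addresses, snapshots and function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed samples (documentation IP/MAC ranges) in "show ip arp" layout.
SNAPSHOT_1 = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.0.2.1               -   0000.5e00.5301  ARPA   Vlan10
Internet  192.0.2.10             12   0000.5e00.5310  ARPA   Vlan10
Internet  192.0.2.11              3   0000.5e00.5311  ARPA   Vlan10
"""
SNAPSHOT_2 = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.0.2.1               0   0000.5e00.53ff  ARPA   Vlan10
Internet  192.0.2.10             14   0000.5e00.5310  ARPA   Vlan10
Internet  192.0.2.11              0   0000.5e00.53ff  ARPA   Vlan10
Internet  192.0.2.12              0   0000.5e00.5312  ARPA   Vlan10
"""

ROW = re.compile(r"^Internet\s+(\d+\.\d+\.\d+\.\d+)\s+\S+\s+"
                 r"([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s", re.I | re.M)

def parse_arp(text):
    """Return {ip: mac} from one snapshot; rows without a full MAC are skipped."""
    return {ip: mac.lower() for ip, mac in ROW.findall(text)}

def diff_bindings(baseline, current):
    """Compare two {ip: mac} maps and return a list of (kind, detail) findings."""
    findings = []
    for ip, mac in sorted(current.items()):
        old = baseline.get(ip)
        if old is None:
            findings.append(("new", f"{ip} -> {mac}"))
        elif old != mac:
            findings.append(("changed", f"{ip} {old} -> {mac}"))
    # A single MAC bound to several IPs is unusual when bindings are static.
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append(("shared", f"{mac} claims {', '.join(sorted(ips))}"))
    return findings

if __name__ == "__main__":
    for kind, detail in diff_bindings(parse_arp(SNAPSHOT_1), parse_arp(SNAPSHOT_2)):
        print(f"{kind:8} {detail}")
```

A "shared" finding can be legitimate (a router or a host with several addresses), so it is a prompt for review rather than a verdict.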

In November 2001, Cisco released a security warning about ARP table vulnerabilities in most versions of its IOS software. An ARP request received by a router interface, but with a different MAC address for that interface, ...
