2
edits
Changes
no edit summary
If ARP has been disabled on a network interface, ARP packets recieved by that interface will be dropped. This prevents the machine from either resolving the corresponding MAC address for a particular IP address or from responding to a requestion for such resolution.
'''5. How do you manually add an entry to the ARP cache?'''
Answer:
To manually add an entry to the ARP table, one would isssue a command of the following form, where 'xx:xx:xx:xx:xx:xx' is the MAC address you are attempting to add and 'xxx.xxx.xxx.xxx' is the corresponding IP address:
'arp -s xxx.xxx.xxx.xxx xx:xx:xx:xx:xx:xx'
'''6. What would be the possible advantage of disabling ARP on a network interface?'''
Answer:
Disabling ARP on a network interface can be used to prevent a high-security server from being accessed by unauthorized hosts. While this is to some extent 'security through obscurity', in practice it is dificult to guess the MAC address of the desired host if it refuses to respond to one's ARP requests.