Network security – how safe is your network? Looking at ARP



A while back I did a network security series and one of the points that I mentioned was that it’s important to know what is normal for your network. In other words, what machines are NORMALLY connected, what services are normally running, etc. Well, I’m about to start a serious look at something that makes this knowledge essential and that may have some rethinking whether or not it’s wise to run an open wireless access point on the same network as their traditional LAN.


Let’s start out by trying to clarify some terms and get a background on the info we need to understand the upcoming articles. I’ve mentioned ARP before… Arp is short for Address Resolution Protocol. It might best be thought of the “glue” that connects the hardware layer of a network interface, to the software layer of TCP/IP…. On most TCP IP networks, we have addresses such as this…. 192.168.0.1 192.168.0.2 etc…. these two addresses are considered to be within the same subnet. Typically, 192.168.1.1 and 192.168.1.2 would be in a different subnet than the addresses above.

These addresses are just that, an address or an abstraction of how to find a machine on a network. We need a way to find out what physical hardware address is connected to 192.168.0.1 or 192.168.0.2… that’s where ARP comes in… it maps the IP address to the MAC address which is a unique identifier given to each piece of network hardware. (Media Access Control is what MAC stands for.) So, you might find that 192.168.0.1 maps to 00:40:F4:14:07:20

ARP requests and lookups can only work within a subnet, they cannot route from one network to another.

Related Posts

Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 11 - Why? Alright, so you're still reading this series and you're thinking. Look, I'm not protecting national security secrets. All I'm doing is (running a business|emailing my grandkids|using the web for research). True, good point. You're not at the defense department. OK. Let's say you just use your computer for email and......
  • Network Security guide for the home or small business network - Part 6 - Secure your services This one is going to be tougher. Of what we've looked at so far this will probably take more work and learning than any of the others. The good news is, depending on your situation you may need to do less here. IF you have decided that your pc (or......
  • Network Security - Hub or Switch? So, for those that have a little bit of knowledge about network hardware, you've probably heard this. "You can't sniff switched networks".... wrong.... let's see what this is about. Older networking hardware was dominated by what's called a hub. This was basically a "dumb" device that when it received data,......
Blog Traffic Exchange Related Websites
  • Internet Network Marketing - Trends For 2011 Internet Network Marketing - Goodbye 2010 Image by [ Mooi ] via Flickr It has been a crazy year,  than again every year is a crazy year wouldn't you agree?  What has been really awesome is the fact that it is going to be 2011 and internet network marketing is......
  • Internet Network Marketing - What Are You Selling? (function() {var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];s.type = 'text/javascript';s.async = true;s.src = 'http://widgets.digg.com/buttons.js';s1.parentNode.insertBefore(s, s1);})(); 0Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})(); 0 Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})();......
  • Security Job Posting - Urgent Position -90k Network Security Specialist position in Alexandria VA Please contact: Mansoor Razaque Senior Technology Recruiter Kforce Professional Staffing 12010 Sunset Hills Rd Suite 200 Reston, VA 20190 703-464-6669 direct 703.481.3866 Fax mrazaque@kforce.com http://www.kforce.com Our Client  has an immediate need for a Network Security Specialist to support a true (24x7x365) NOC in Alexandria,VA for the USPTO (US Patent Trade......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site