1.ARP Profile
ARP (Address Resolution Protocol), which is a basic function of the target device through the IP address, searches the MAC address of the target device, to ensure smooth communication. It is essential IPv4 network layer protocol, however, no longer applies in the IPv6, and neighbor discovery protocol (NDP) replaced.
2.ARP attack
ARP protocol is the basic function by the IP address of the target device, queries the MAC address of the target device, in order to ensure communication. Based on this operating characteristics ARP protocol, hackers continue to send to the other computer fraudulent nature of ARP packets in the data packet contains a duplicate of the current Mac address of the device, the other party in the response packet, due to the simple address duplication error resulting in no normal network communications.
In general, the computer from ARP attacks occur two phenomena:
1) continue to pop up "XXX XXX segment segment address conflict with network hardware address of the machine in the" dialog box.
2) The computer can not access the Internet, the symptoms of a network outage occurs.
Because of this attack is the use of ARP request packets of "deceit", the firewall will think is normal request packet, will not be intercepted. So common firewall is difficult to resist such attacks.
References:
1.https://blog.csdn.net/lm409/article/details/80299823
2. https://blog.51cto.com/13570193/2083332
3.https://blog.csdn.net/tanga842428/article/details/79309275