Protocol Deep Dive: Address Resolution Protocol (ARP)
Address Resolution Protocol (ARP) is essential for computer communication across the network. This course provides the in-depth knowledge needed to understand, improve, troubleshoot, and secure ARP-related communications in your network.
What you'll learn
Address Resolution Protocol (ARP) is foundational for nearly all LAN communication. Because ARP and its variations are so widely relied upon, a deep understanding of ARP is necessary to support network communications, troubleshoot interoperability issues, and improve the efficiency of networks. Furthermore, it is critically important that you understand its nature so you can reduce and prevent related cyber threats. In this course, Protocol Deep Dive: Address Resolution Protocol (ARP), you will learn ARP from the ground up, including every part of Address Resolution Protocol messages, their functions and variations, and their security risks. First, you will learn how to capture ARP and use those captures to identify ARP messaging and troubleshoot ARP-related problems. Next, you will explore the details of every major ARP variation, learning how they apply to network communications. Finally, you will examine best practices and procedures you can apply to common LAN ARP-based attacks. By the end of this course, you will be able to clearly identify how ARP communications are used, when and how they might cause problems or security risks, and which solutions are appropriate in any given scenario.
Table of contents
- Intro 2m
- Connectivity Losses to Hosts and Default Gateway 9m
- Stale ARP Cache Problems 5m
- Demo: Stale ARP Cache Problems 12m
- Static ARP Problems 6m
- Demo: Static ARP Problems 9m
- Proxy ARP Problems 12m
- Demo: Proxy ARP Overhead 7m
- Demo: Proxy ARP Unavailable 8m
- Demo: Proxy ARP Blackhole 9m
- Demo: Finding Computers in a Complex LAN 8m
- ARP and Security Intro 1m
- Broadcast Storms, Denial Of Service (DoS), and Storm Control 9m
- Demo: Broadcast Storm Control 9m
- CAM Table Flood with Port Security 6m
- Demo: CAM Table Flood with Port Security 14m
- ARP Poisoning, Blackhole, Spoofing, MITM 14m
- Demo: ARP Poisoning and Man in the Middle 5m
- ARP Security Through Dynamic ARP Inspection 13m
About the author
Jim Rizzo is a network engineer, security leader, and IT network and security subject matter expert with more than twenty-five years of IT and IT training experience. He currently works for GE Healthcare supporting networks, helping secure IT healthcare systems, and developing IT and healthcare privacy and security training for the healthcare industry. Along with his Cisco wired and wireless networking technologies base, Jim's focus includes protocol analysis, a variety of security topics such a... more