Protocol Deep Dive: Address Resolution Protocol (ARP)

Address Resolution Protocol (ARP) is essential for computer communication across the network. This course provides the in-depth knowledge needed to understand, improve, troubleshoot, and secure ARP-related communications in your network.
Course info
Level
Intermediate
Updated
Apr 3, 2018
Duration
4h 36m
Table of contents
Description
Course info
Level
Intermediate
Updated
Apr 3, 2018
Duration
4h 36m
Description

Address Resolution Protocol (ARP) is foundational for nearly all LAN communication. Because ARP and its variations are so widely relied upon, a deep understanding of ARP is necessary to support network communications, troubleshoot interoperability issues, and improve the efficiency of networks. Furthermore, it is critically important that you understand its nature so you can reduce and prevent related cyber threats. In this course, Protocol Deep Dive: Address Resolution Protocol (ARP), you will learn ARP from the ground up, including every part of Address Resolution Protocol messages, their functions and variations, and their security risks. First, you will learn how to capture ARP and use those captures to identify ARP messaging and troubleshoot ARP-related problems. Next, you will explore the details of every major ARP variation, learning how they apply to network communications. Finally, you will examine best practices and procedures you can apply to common LAN ARP-based attacks. By the end of this course, you will be able to clearly identify how ARP communications are used, when and how they might cause problems or security risks, and which solutions are appropriate in any given scenario.

About the author
About the author

Jim Rizzo is a network engineer, security leader, and security subject matter expert with more than twenty-five years of networking, security, healthcare IT, & IT training experience.

Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Jim Rizzo, and welcome to my course, Protocol Deep Dive: Address Resolution Protocol, or ARP. I am a network engineer with over 20 years of experience in networking, network security, and I have always loved protocol analysis. Address Resolution Protocol plays a fundamental role in network connectivity and comes in a wide variety and variations and applications. Having a deep understanding of ARP will allow you to better configure and troubleshoot many LAN and WAN connectivity issues. In this course, we're going to start with our fundamental operation. You will learn how both dynamic ARP and static ARP configurations work and affect connectivity in the network. Using various Linux, Windows, and Cisco systems, we will cover when and where ARP is likely to fail and how to correct the problems. Next, you will cover all the variations on ARP, including reverse ARP, inverse ARP, duplicate IP address detection, gratuitous ARP, and proxy ARP. Along the way, I'll show you where they might cause connectivity issues, how to identify them using Wireshark captures, and how to correct each situation. A section on ARP related security issues is where you'll see how broadcast storms are caused, how Mac flooding happens, and how spoofing and man-in-the-middle attacks work, and what security techniques can be applied to reduce these ARP based cyber threats. By the end of this course, you'll know exactly how ARP and all its variations work, how to capture ARP traffic to identify problems, and how to improve both the efficiency and security of your network. Before beginning the course, you should be familiar with IP addressing and Mac addressing. As well, you should have a basic understanding of computer communication on LANs and through default gateways over routed inner networks. Lastly, a basic understanding of Wireshark use and configuration will be helpful but is not necessary. I'll hope you'll join me on this journey to learn ARP with the Protocol Deep Dive: Address Resolution Protocol course, at Pluralsight.