ARP Cache Poisoning Prevention
In computer networking parlance, ARP stands for Address Resolution Protocol. The name tells us that computer addresses are being resolved via some sort of lookup table. The ARP cache is what translates IP (Internet Protocol) addresses to hardware MAC (Media Access Control) addresses within a TCP/IP network. ARP replies can be spoofed easily if one of your network's systems is compromised: the compromised system can then spoof other systems on the network. Spoofing occurs when the target machine receives faulty information linking an unsafe MAC address to a local IP address. The preventative measure (UNIX and *NIX) is a list of trusted systems hard coded into the /etc/ethers (or equivalent) file, where the true MAC addresses are mapped to the true IP addresses, preventing the ARP protocol from overriding this information. The file needs to be updated if a network card is changed, since every networked device must have a unique MAC address.
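
To check that the trusted list is actually in effect, the live ARP cache can be audited against it. The following is an added example, not part of the original page: it assumes the trusted list uses the ethers(5) layout (MAC, then IP) and that the cache is read in the Linux /proc/net/arp format, where flag bit 0x4 marks a permanent (static) entry. All addresses are constructed sample data.

```python
# Added example; every address below is constructed sample data.
TRUSTED_ETHERS = """\
# MAC address      IP address   (ethers(5) layout)
02:00:00:00:00:01  192.168.1.1
02:00:00:00:00:0a  192.168.1.10
02:00:00:00:00:14  192.168.1.20
"""
ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:00:00:63     *        eth0
192.168.1.10     0x1         0x6         02:00:00:00:00:0a     *        eth0
192.168.1.20     0x1         0x2         02:00:00:00:00:14     *        eth0
"""
ATF_PERM = 0x04  # kernel flag bit for a permanent (static) ARP entry


def parse_ethers(text):
    """Return {ip: mac} from 'MAC IP' lines, skipping comments and blanks."""
    trusted = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            trusted[fields[1]] = fields[0].lower()
    return trusted


def parse_arp_table(text):
    """Return [(ip, mac, flags)] from /proc/net/arp text; line 1 is the header."""
    rows = [line.split() for line in text.splitlines()[1:]]
    return [(f[0], f[3].lower(), int(f[2], 16)) for f in rows if len(f) >= 4]


def audit(trusted, rows):
    """Return (severity, ip, detail) findings for hosts on the trusted list."""
    findings = []
    for ip, mac, flags in rows:
        expected = trusted.get(ip)
        if expected is not None and mac != expected:
            findings.append(("MISMATCH", ip, f"cache has {mac}, trusted {expected}"))
        elif expected is not None and not flags & ATF_PERM:
            findings.append(("NOT_STATIC", ip, "correct MAC but entry is dynamic"))
    return findings


if __name__ == "__main__":
    print(*audit(parse_ethers(TRUSTED_ETHERS), parse_arp_table(ARP_TABLE)), sep="\n")
```

A MISMATCH means the cache holds a MAC other than the trusted one for that IP; NOT_STATIC means the mapping is currently correct but is still a dynamic entry that a spoofed reply could replace.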



