ARP (the Address Resolution Protocol) is responsible for translating IP addresses into MAC addresses. If your system wants to reach a server on the internet that has the IP address 1.2.3.4, the packets will not travel over the wire directly to that one server; they have to pass through your router and most likely several intermediaries before they reach the target. While the destination IP of your packet, 1.2.3.4, remains the same (OSI layer 3), the MAC address that indicates the next hop changes with each hop (OSI layer 2). When your system starts sending the packet, the first MAC address will be the one of your router / switch. Your system knows the IP address of that router because it is saved as the gateway address in your system’s network configuration. However, to learn the MAC address of that gateway, it sends out an ARP request asking for the MAC of the gateway IP.

The problem from a security point of view is that ARP is not encrypted. Moreover, gratuitous ARP packets are allowed. This means anybody in the network can just come and say: “Hello, I’m the gateway, my MAC address is so and so”. The system that receives this information will happily take it for granted, even if it did not ask for the information in the first place.
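The behaviour described above can be watched for on the receiving host. The following is an added example, not code from the original page: a small Python monitor that parses ARP frames and flags replies the host never asked for, gratuitous announcements, and a gateway IP that suddenly maps to a different MAC. The `build_arp` helper, the class name and all addresses are constructed for illustration.

```python
import struct

def parse_arp(frame: bytes):
    """Parse an Ethernet II frame carrying IPv4 ARP; return None for anything else."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    ip = lambda b: ".".join(map(str, b))
    return {"op": op, "sha": frame[22:28].hex(":"), "spa": ip(frame[28:32]),
            "tha": frame[32:38].hex(":"), "tpa": ip(frame[38:42])}

def build_arp(op, sha, spa, tha, tpa):
    """Build a constructed sample frame as bytes (op 1 = request, 2 = reply)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(x) for x in a.split("."))
    dst = b"\xff" * 6 if op == 1 else mac(tha)
    return (dst + mac(sha) + b"\x08\x06" + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + mac(sha) + ip(spa) + mac(tha) + ip(tpa))

class ArpMonitor:
    """Tracks IP-to-MAC bindings seen by one host and flags suspicious ARP."""
    def __init__(self, my_ip):
        self.my_ip, self.bindings, self.pending = my_ip, {}, set()

    def observe(self, frame):
        p = parse_arp(frame)
        if p is None:
            return []
        if p["op"] == 1 and p["spa"] == self.my_ip:
            self.pending.add(p["tpa"])      # our own request: remember what we asked for
            return []
        alerts = []
        gratuitous = p["spa"] == p["tpa"]   # sender announces its own IP
        if gratuitous:
            alerts.append("gratuitous")
        elif p["op"] == 2 and p["spa"] not in self.pending:
            alerts.append("unsolicited-reply")
        known = self.bindings.get(p["spa"])
        if known and known != p["sha"]:
            alerts.append("binding-changed")  # keep first-seen MAC so the conflict stays visible
        else:
            self.bindings[p["spa"]] = p["sha"]
        self.pending.discard(p["spa"])
        return alerts
```

The monitor keeps the first MAC it learned for an IP, so every later frame that claims the same IP with another MAC keeps raising `binding-changed` until someone investigates.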