ARP module: Difference between revisions

ARP module (view source)

131 bytes added , 18 September 2024

no edit summary

108

edits

@@ Line 2: / Line 2: @@
 The ARP module monitors requests and replies and builds a database of all known MAC and IP addresses and their correlation.
 It also accounts possible spoofing alerts, when some computer send or reply with wrong MAC addresses, or multiple computers answer with the same IP.
 Those events may indicate some problem within the network, due to misconfiguration or an attack.
+'''Overview'''
-'''Web interface'''
 {| class="wikitable sortable"
 |-
@@ Line 11: / Line 10: @@
 |}
-'''Overview '''
+The overview tab shows the number of all ARP requests seen, and the number of replies. The history graph shows the number over time. As usual, zooming can be applied to view a larger time window.
-The overview tab shows the number of all ARP requests seen, and the number of replies. The history graph shows the number over time. As usual, zooming can be applied to view a larger time window.
 '''MAC addresses'''
+{| class="wikitable sortable"
+|-
+|[[File:ARP_MAC.png|800px|none|right]]
+|}
 The MAC address tables shows for each MAC address the last assigned IP address, that is the IP address that have announced by the corresponding MAC address.
@@ Line 27: / Line 29: @@
 Otherwise it indicates that a devices sends ARP request with a forged sender address.
 '''IP addresses'''
+{| class="wikitable sortable"
+|-
+|[[File:ARP_IP.png|800px|none|right]]
+|}
 The IP addresses tab views the reverse direction, showing the MAC addresses used for each IP address.