ARP -- address resolution protocol Jon Hart http://www.ccs.neu.edu/home/jhart/ 10/03/2002 What it does: ------------- I have an IP address and need to know the MAC address of the device that has this IP, or the MAC address of the device that knows how to get to this IP. Non-computer example: --------------------- You are in a crowded room and suddenly decide to send mail to Bob, but don't recall where Bob lives. How do send mail if you don't know where he lives? Just ask... Say: "I need to send something to Bob. Does anyone know where Bob lives?" Reply 1: nothing Reply 2: "Hi, I'm Bob and I live at 12 Main St. Send my mail here" Reply 3: "I'm not Bob, but I know how to get to him. Send his mail to me" Real-life example: ------------------ `telnet denali` (behind the scenes) Send: "where is denali?" Reply 1: nothing. Nobody knows. Reply 2: "Hi. I'm denali and my MAC address is aa:bb:cc:dd:ee:ff" Reply 3: "Hi. I'm the switch and I know how to get to denali. My MAC address is 00:11:22:33:44:55" Abuses or other cool things: ---------------------------- "Uh, yeah, I'm Bob. Send that mail my way" If you can tell the requestor that the IP they were looking for is at your MAC address, you can intercept traffic not originally intended for your use. This is usually called "arp spoofing". You can use this technique on networks connected via a hub and sometimes a switch to have all sorts of fun. ================================================================================ RARP -- reverse address resolution protocol What it does: ------------- Aka poor-man's DHCP. I have a MAC address and need to know the IP of the device that has this MAC, or the IP address of the device that knows how to get to this MAC. Non-computer example: --------------------- You are in a crowded room and receive a piece of mail with a sender address but no sender name. How do you figure out who sent this? Just ask... Say: "Who lives at 12 Main St?" Reply 1: nothing Reply 2: "Hey. That is my address and my name is Bob" Reply 3: "Hey. That isn't my address, but I think I know someone who may know." Real-life example: ------------------ You have an old Sun workstation or a dumb terminal of some sort that needs 'net access. dummy: "Help! I have no IP!" boot server: "Have no fear. Your IP is 10.0.0.2. Now shutup and boot" Abuses or other cool things: ---------------------------- If you have the MAC address of a device and for some reason you don't know the IP, you can sometimes get the IP via a RARP request. i.e., You can see the MAC address of an Access Point in CN but don't know the IP. If you RARP for that MAC, it or another device may respond with the IP. References: ----------- ftp://ftp.isi.edu/in-notes/rfc903.txt ftp://ftp.isi.edu/in-notes/rfc826.txt http://spoofed.org/files/arp-tk.c