First of all, let's watch this video below and follow the steps in the video:
- ARP-Address Resolution Protocol
- ARP resolves IP addresses to MAC addresses at Layer 2
- Frames on a local network are delivered to a MAC address
- So, a MAC address needs to be resolved from an IP address before a packet can be delivered.
- ARP plays an important role in the functioning of local area networks (LAN)
- We can demonstrate the ARP process using a command prompt and Wireshark.
To deliver actual frames on a local network, we need the MAC-addresses.
The MAC-address of a typical Multicast starts with those characters: 01-00-5e-..-..-..
Broadcast: ff-ff-ff-ff-ff-ff
The first three blocks (six characters) of the MAC-address are called the organization unique identifier (OUI), which identifies the company.
Command Line Interface: commands for arp
Writeout of the command arp -a: in my case it looks like this
At next, let's start "Wireshark".
Wireshark is a network analyzing tool.
Open Wireshark -> Capture -> Interfaces.. -> now choose your active interface (with the most packets)
It should look like this:
Now we have to create a filter, that only ARP's will be shown:
Options -> Capture Filter -> new -> now we create a filter with the name "ARP only"
Yet we can start the capturing process, by clicking on "OK" and subsequently "Start".
When we go for instance on a web page, we can see now a few listings.
Keine Kommentare:
Kommentar veröffentlichen