Comparison between safety and efficient security of the ARP protocol

Abstract

Due to the Stateless Property of the ARP protocol (It means that a response can be processed despite the request was never received), which introduces some security flaws that makes it vulnerable to various types of attacks resulting in leaks and/or damage of information, They have presented various feasible solutions, amongst these we find S-ARP (secure ARP) and ES-ARP (Secure and efficient ARP), these two, seek to resolve the failure of ARP security, changing and improving its original protocols and performing other configurations that are believed feasible to improve their security. In this article, we will execute an ARP poisoning in order to show the insecurity that the Protocol has, and to compare it against other alternatives, to show the safety of each of these. In conclusion ES-ARP and S-ARP are good choices to improve the safety of the ARP protocol, although is not 100% secure, since if they send the answer and then the poisoned ARP reply is sent before the actual one is received, and set on the cache memory, the victim stores the wrong response in the cache and discards the actual one. When the first ARP request is sent, the victim and the attacker receive the message. Who comes first will get the ARP cache of the victim.