- Kali Linux Tutorial
- Kali Linux - Home
- Installation & Configuration
- Information Gathering Tools
- Vulnerability Analyses Tools
- Kali Linux - Wireless Attacks
- Website Penetration Testing
- Kali Linux - Exploitation Tools
- Kali Linux - Forensics Tools
- Kali Linux - Social Engineering
- Kali Linux - Stressing Tools
- Kali Linux - Sniffing & Spoofing
- Kali Linux - Password Cracking Tools
- Kali Linux - Maintaining Access
- Kali Linux - Reverse Engineering
- Kali Linux - Reporting Tools
- Kali Linux Useful Resources
- Kali Linux - Quick Guide
- Kali Linux - Useful Resources
- Kali Linux - Discussion
ARP Commands
ARP (Address Resolution Protocol) is a networking protocol that is used to map a network address, such as an IP address, to a physical (MAC) address. It is a fundamental building block of the Internet Protocol (IP) and is used to allow devices to communicate with each other on a network. In this article, we will discuss the various ARP commands and their usage, with examples to help you better understand the concept.
ARP Command: arp
The arp command is used to display or modify the ARP cache on a computer. The ARP cache is a table that stores the mapping of IP addresses to their corresponding MAC addresses. The arp command can be used to display the ARP cache, add entries to the cache, and delete entries from the cache.
To display the ARP cache, you can use the arp command without any options. For example, the following command will display the ARP cache on a Windows computer −
C:>arp
This command will display the IP address, physical address, and type of the ARP entries in the cache. The type of entry can be either dynamic or static. Dynamic entries are learned by the computer through ARP broadcasts and are typically used for devices that are connected to the same network. Static entries are manually added by the user and are typically used for devices that are not connected to the same network.
To add an entry to the ARP cache, you can use the -s option with the arp command. For example, the following command will add an entry to the ARP cache for IP address 192.168.1.1 with a MAC address of 00-11-22-33-44-55 −
C:>arp -s 192.168.1.1 00-11-22-33-44-55
To delete an entry from the ARP cache, you can use the -d option with the arp command. For example, the following command will delete the entry for IP address 192.168.1.1 from the ARP cache −
C:>arp -d 192.168.1.1
ARP Command: arp -a
The arp -a command is used to display the ARP cache on a computer, including both dynamic and static entries. This command is similar to the arp command without any options, but it also displays the status of the entries in the cache.
For example, the following command will display the ARP cache on a Windows computer, including both dynamic and static entries −
C:>arp -a
This command will display the IP address, physical address, type, and status of the ARP entries in the cache. The status of the entry can be either incomplete or complete. Incomplete entries are those that have not yet been resolved, while complete entries are those that have been resolved and are in the cache.
ARP Command: arp -g
The arp -g command is used to display the ARP cache on a computer, including only the dynamic entries. This command is similar to the arp -a command, but it only displays the dynamic entries in the cache.
For example, the following command will display the ARP cache on a Windows computer, including only the dynamic entries −
C:>arp -g
This command will display the IP address, physical address, and type of the dynamic ARP entries in the cache.
ARP Command: arp -s
The arp -s command is used to add a static entry to the ARP cache on a computer. This command is used to manually add an entry to the ARP cache for a device that is not connected to the same network. For example, if you have a device with the IP address 192.168.1.100 that is not connected to your network, but you need to communicate with it, you can use the arp -s command to add a static entry to the ARP cache for that device.
For example, the following command will add a static entry to the ARP cache for IP address 192.168.1.100 with a MAC address of 00-11-22-33-44-55 −
C:>arp -s 192.168.1.100 00-11-22-33-44-55
Once the entry is added, you can use the arp command to confirm that the entry is in the cache −
C:>arp
This command will display the IP address, physical address, and type of the ARP entries in the cache, including the static entry for IP address 192.168.1.100.
ARP Command: arp -d
The arp -d command is used to delete an entry from the ARP cache on a computer. This command is used to remove an entry from the ARP cache that is no longer needed or is incorrect. For example, if you have an entry in the ARP cache for a device that is no longer connected to the network, you can use the arp -d command to delete that entry from the cache.
For example, the following command will delete the entry for IP address 192.168.1.100 from the ARP cache −
C:>arp -d 192.168.1.100
Once the entry is deleted, you can use the arp command to confirm that the entry is no longer in the cache −
C:>arp
This command will display the IP address, physical address, and type of the ARP entries in the cache, without the entry for IP address 192.168.1.100.
Conclusion
In conclusion, ARP commands are essential tools for managing the ARP cache on a computer. They can be used to display, add, and delete entries in the cache, allowing devices to communicate with each other on a network. Understanding the usage and examples of these commands will help you better manage your network and troubleshoot any ARP-related issues.
- Related Articles
- ARP, Reverse ARP, Inverse ARP, Proxy ARP, and Gratuitous ARP
- ARP Request
- ARP Table
- ARP Packet Format
- ARP and its types
- Differentiate between Arp and BGP
- What is Address Resolution Protocol (ARP)?
- MySQL Client Commands
- Basic SQL Commands
- What are Shell Commands?
- Cisco Router basic commands
- Kill Commands In Linux
- Data Definition Commands in DBMS
- Data Manipulation Commands in DBMS
- Cisco Switch Configuration basic commands
