IP Address, MAC Address and ARP | Practical Approach

Naman Jain
4 min readOct 24, 2020

--

They can locate you👀… another update…

What is MAC Address ?

A MAC address is a 48-bits hardware identification number that uniquely identifies each device on a network. This is embedded into every network card (known as Network Interface Card) during the time of manufacturing, such as an Ethernet card or Wi-Fi card, and therefore cannot be changed. MAC Address is also known as Physical Address of a network device.

MAC addresses are used only to transmit packets from one device to the next as data travels on a network. Thus it is used for local communication or layer 2 networking.

Find your Mac Address.

Window’s Command Prompt
Linux Terminal

What is IP Address ?

A numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: host or network interface identification and location addressing.

Types:

IPv4 addresses

An IPv4 address has a size of 32 bits, which limits the address space to 4294967296 (232) addresses.

IPv6 addresses

In IPv6, the address size was increased from 32 bits in IPv4 to 128 bits, thus providing up to 2128 (approximately 3.403×1038) addresses.

ARP

Address Resolution Protocol (ARP) is a procedure for mapping a dynamic IP address to MAC address.

Packet Analyzer 🧨

A packet Analyzer or packet sniffer is a computer program, or computer hardware such as a packet capture appliance, that can intercept and log traffic that passes over a computer network or part of a network. Packet capture is the process of intercepting and logging traffic.

Demo Using POWERSHELL and WIRESHARK 🤩(Free and open-source Packet Analyzer)

Step 1: Open PowerShell in Administrator mode.

Step 2: Using ‘ arp -a ‘ command to show computer’s ARP cache.

Here you find two types, showing if it is learned by ARP(dynamic) or it’s a static entry.

All f’s is broadcast address. A broadcast address is a network address used to transmit to all devices connected to a multiple-access communications network. A message sent to a broadcast address may be received by all network-attached hosts.

Step 3: Open WIRESHARK. Select Interface(say Ethernet) then start capturing by clicking capture button.

Example Output Screen

Step 4: Using ‘ ping ‘ command to test the reachability of a host on an IP network.

Step5: Check your ‘ arp -a’ output again. You will find your new pinged ip address and MAC address there.

Bravo! you have understood basics of MAC address, IP address and used ARP to find any MAC address mapped to IP address. I encourage you to explore WIRESHARK more, there’s lot more information you are receiving.

If your friend got your IP address , no worries until he/she knows how to use it to send payloads with malicious data to your PC. I am leaving this for another article.

Ping me here🎡. You can find me in 127.0.0.1.🎭

--

--

Naman Jain
Naman Jain

Written by Naman Jain

Here to share my understanding and learn from you all.

No responses yet