For security reasons, I’d like to know for which of the following scenarios would a host (Debian for example) update its ARP table:

  1. It receives a gratuitous ARP for IPs that are not in its ARP table
  2. It receives a gratuitous ARP for IPs that are already in the ARP table (different MAC)
  3. It receives an ARP request that is not intended for it, but for other hosts on the network
  4. It receives an ARP request that is intended for it

Please note that in the four scenarios, the host did not initiate the ARP request, but rather received ARPs

Leave a Reply

Your email address will not be published. Required fields are marked *