I am trying to understand ARP and ARP cache poisoning. Will a host updates its cache if it gets an ARP response even if it didnt send a request? If yes, is there any particular reason it is designed like that?
Also I have one more question. In case of ARP cache poisoning, does the malicious host flood the network with ARP responses or respond only when some one sends out a request