Hello, may I ask a question?
In " arp -a -n | awk '{++S[$4]} END {for(a in S) {if($2>1) print $2,a,S[a]}}' "
Why is it to judge $2 > 1 to judge the existence of arp attack?

According to the characteristics of the arp attack, the judgment condition should not be the same mac address corresponding to different IPs?

Could you tell me that the meaning of $2 (IP) and 1 comparison?

Thank you!