arp (address resolution protocol) is used primarily to map IP address to physical "MAC address" (confusingly this has nothing to do with "Mac") for a device.
arp cache poisoning is well documented and considering the relative complexity of address resolution protocol it is something that the average Mac user never even thinks of. Not that they think of much, I mean you did buy the computer because someone told you once upon a time that Macs don't get "viruses," right? That's what I thought.
To see the device your computer has mapped itself to open Terminal and just type:
arp -a
If you receive an output with "?" unknown items it's safe to assume that you're address resolution has been "corrupted."
Here's an example of a real output from using the arp -a command:
? (192.168.1.1) at a5:c2:17:a2:b:a1 on en0 ifscope [ethernet]
? (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
? (239.255.255.250) at 1:0:5e:7f:ff:fa on en0 ifscope permanent [ethernet]
The first entry is mapped to a router but is missing the common name typically that would be listed here, such as "Margaret's PT-Link Router."
The second entry is to 224.0.0.251 which is a "multicast" address likely using Apple's zeroconfig bonjour protocol mDNS
The third entry is likely going to the same physical device as the second entry, judging by the MAC address which is for the same manufacturer. You can look up MAC addresses list by using just first 3 parts of the address in this case 1:0:5e. Upon further investigation it turned out 1:0:5e is not registered to a known manufacturer and might be spoofed.