-
I think there should be someone in the LAN who uses ARP to spoof Trojan programs (such as: World of Warcraft, Audition and other number-stealing software, and some plug-ins have also maliciously loaded this program).
1. Don't build your network security trust relationship on the basis of IP or MAC, (RARP also has the problem of deception), the ideal relationship should be based on IP + MAC.
2. Set the static MAC->IP corresponding table, and don't let the host refresh the conversion table you set.
3. Unless it is necessary, stop using ARP and save ARP as a permanent entry in the corresponding table.
4. Use an ARP server. This server looks up its own ARP translation table in response to ARP broadcasts from other machines. Make sure that this ARP server is not hacked.
5. Use"proxy"Transmission of IP.
6. Use hardware to shield the host. Set up your route to make sure that the IP address can reach a legitimate path. (Statically Configuring Routing ARP Entries), note that ARP spoofing cannot be prevented using switching hubs and bridges.
7. The administrator periodically obtains a RARP request with the IP package of the response, and then checks the authenticity of the ARP response.
8. The administrator regularly polls to check the ARP cache on the host.
9. Use firewalls to continuously monitor the network. Note that if SNMP is used, ARP spoofing may lead to the loss of trap packets.
-
It is advisable to install an anti-P2P terminator (which automatically terminates someone if you suspect that they are opening the software) but there is no solution to the problem, after all, you don't have access to manage the network. In addition,The firewall of color shadow is still more useful.,Stand-alone version (free) and Internet café version。 There is also ccproxy to limit the time spent surfing the Internet, etc., if possible, you can register the MAC address of each computer in the local area network, so that you can easily manage it!
However, you need your computer to be a web host, and someone else's computer is connected to the Internet through your computer**. If more than two people in the LAN use software such as the network law enforcement officer, they may end up together, and no one can access the Internet!
-
I'm from an Internet café, and I have always been disturbed by ARP attacks, what binds MAC addresses, establishes fake IPs, fake gateways, all kinds of ARP patches, all kinds of firewalls, all tried, and no method or software can completely defend against it. But now I won't be disconnected in the event of an ARP attack, because I have completely got the source right, that is, the virus has been completely defended, and now our machine, no matter how you get on the yellow net with a large number of viruses or ** virus or something, it's fine.
I don't know your specific situation, are you an ordinary user of your campus network or the administrator of the entire campus network?
If you only need to solve your own problems, then it is recommended that you ** an ARP firewall from Kingsoft, enable the security mode in the security settings, and bind the gateway and the native one.
If you want to get the whole network done, then it is recommended that you double tie it to the router. And use a good anti-virus software, not an anti-virus, but an anti-virus, such as the one produced by Max. Strangling the virus at its source is the right way.
ps: Actually, I have always disliked the problem of high scores, because there are too many cheats, and I advise you not to use anonymous cheating, and it is not good to make it now, I will not hesitate to complain about it, and the consequences will be "banned".
-
An anti-P2P terminator can automatically end someone if you suspect someone is opening one of those programs. But there is no complete solution, after all, you don't have the authority to manage the network. In addition, it is more useful to install an ARP firewall with color shadow.
-
With Kingsoft's ARP firewall, there is an item in the software that is set to connect to the gateway several times per second, and it is generally no problem to set it up (generally 6 times by default).
-
In fact, the ARP attack is a vulnerability in the protocol exploited, and my personal figure is simple, it is a problem solved by installing 360 and starting the ARP firewall.
Directly binding the MAC address of the gateway can basically solve the problem.
-
It's incomprehensible, there's no way.
In fact, the management system is stronger than the technology!
This situation will occur when the management is chaotic, everyone messes up the network, and you also install software such as network law enforcement management, at best, everyone will end up together!
-
I have the best solution, the next 360 software, this software has protection against ARP attacks, I'm using it.
-
Next, bind the IP address to the NIC address of the ARP firewall.
-
Color Shadow ARP Firewall, very good, one word strong.
-
You report three directly to the NMS.
-
For example, the China Network Administration Forum and other forums have a very thorough explanation of ARP attacks.
-
LZ What is your ARP firewall used for?,,It's generally useless to say that Sabang MAC is generally useless.,Find the source of the virus.,You can use the color shadow ARP.,That can find out the source of the virus, such as:The network card opens up the mixed mode.。 In addition, you can see which machine sends a particularly large number of ARP packages, and you can take corresponding measures.
Of course, you can also install a color shadow on the machine of the virus source to prevent the number of packages from being sent out by this machine, which feels very convenient to use.
Of course, this is only a case where you don't need money, and it is not completely possible to be immune to ARP attacks, so it is recommended to be immune. As long as your company is willing to pay, if you don't want to pay like our company, no matter what, the effect is not much better, in saying that now the ARP virus is becoming more and more beneficial, firewalls such as 360 Rising are not much use, ARP packets are still very much in the LAN, and the application rate of the network will become less and less
1) First of all, set the host's ADSL [ Already set up is not used] network neighbor attributes. >>>More
Hardware devices typically required for enterprise LAN installation: firewalls, routers, switches. >>>More
First, buy an eight-port router, or switch.
And the settings of the gateway can be known by looking at the route. >>>More
1.Control Panel User Accounts Turn on a guest account.
2.Then go to the Control Panel, Management Tools, Local Security Policy, Local Policy, User Rights Assignment, Confirm that there is a guest or everyone in the computer accessed from the network, and refuse to access the computer from the network to remove the guest >>>More
Just buy an ordinary router It's the easiest Other methods have disadvantages After connecting, it's OK to set the IP address and your laptop is a wireless network card.