What to do if your computer keeps dropping

To find telecommunications, first determine whether it is a network problem of telecommunications; If not, check the virus again to see if it is affected by the virus; If not, it's time to see if there's a problem with the hardware. Let's check it step by step and see what the problem is!

It should be a problem with your computer. You look at the re-installed system and see.

Your fiber is plugged directly into your computer. Or is it connected on the router?

Ping the gateway to see if it can be pinged, and then run the arp -a to view the ip-mac table, if the ip address does not correspond to the gateway, the mac may be attacked by arp.

There are two types of ARP spoofing, one is the spoofing of the router's ARP table; The other is gateway spoofing for intranet PCs.

The first type of ARP spoofing works – intercepting gateway data. It notifies the router of a series of wrong intranet MAC addresses, and continuously proceeds according to a certain frequency, so that the real address information cannot be saved in the router by updating, and as a result, all the data of the router can only be sent to the wrong MAC address, causing the normal PC to not receive the information.

The second type of ARP spoofing works – fake gateways. It works by setting up a fake gateway and letting the PC tricked by it send data to the fake gateway instead of surfing the Internet through a normal router. In the eyes of the PC, it is just that it can't be connected to the Internet, and "the network is disconnected".

The usual solution is:

1. In the broadband router, input the IP-MAC of all PCs into a static table, which is called router IP-MAC binding. 2. Set the static ARP information of the gateway on all PCs on the intranet, which is called PC IP-MAC binding. The third is a combination of the first two methods, which is called IP-MAC two-way binding.

The method is effective, but the work is tedious and the management is cumbersome. Binding each PC is already laborious, and it is even more painful to add, maintain, and manage such a long list of router items. Once the capacity is expanded and adjusted in the future, or the network card is replaced, it is easy to cause confusion due to negligence.

In addition, there are new variants of ARP, and the second-generation ARP attacks have the ability to automatically propagate, and the existing macro file binding method has been broken, which is mainly manifested in the spread of viruses through network access or inter-host access. Since the virus has infected the computer host, it can easily remove the ARP static binding on the client computer, with the cancellation of the binding, the wrong gateway IP and MAC correspondence can be smoothly written to the client computer, the wrong gateway IP and MAC correspondence can be smoothly written to the client computer, ARP attack is unimpeded again.

I have also been poisoned by ARP, the hard-working two-way binding encountered the second generation of ARP attacks has become nothing to hide, I think that in order to truly eliminate ARP attacks, we still need to link every computer in our intranet, jointly prevent, jointly suppress, the firewall of anti-ARP attacks is far from enough, this can only ensure that you may not be attacked, but can not prevent you from sending ARP attacks, so it is a symptom but not a cure, so if you want to really eliminate ARP, the most fundamental way to cure ARP is to suppress it from the source, That is, the emission of ARP attacks is inhibited from each terminal, so in order to completely eliminate ARP attacks, it depends on the combination of software and hardware, which cannot be achieved by hardware alone.

I heard that there is a popular one called immunity wall on the market recently, and the defense against external network ARP attacks and internal network ARP attacks is very good, so you can try it.