-
The LAN is always unstable, and the network is disconnected one after another. The ARP virus killing process is carried out in the local area network. To find out the root cause of the virus, first open all the computers in the local area network, and then ** a tool called "antiarpsniffer", which is an ARP firewall software, which obtains the IP address and MAC address of the poisoned computer by intercepting fake ARP packets at the system kernel layer.
In addition, the software can effectively block the attack of the ARP virus and ensure that the data flow of the computer is correct. When using "antiarpsniffer" to find the infected computer, start the program, then enter the gateway IP in the LAN in the "gateway address" item on the right, and then click "enumerate MAC", then the software will automatically obtain the MAC address of the gateway computer network card. Once the Mac gets it, click the "Auto Protect" button, so that "Antiarpsniffer" will start monitoring all the computers that access the Internet through the gateway.
After a while, you can see an "ARP Spoofing Packet" message pop up on the "AntiarpsNiffer" icon in the system's taskbar. This means that the software has detected the ARP virus. Then I opened the main window of the "Antiarpsniffer" program, and saw a message in the "Detailed Records of Spoofed Data" list of the program, which was the ARP virus information captured by the "Antiarpsniffer" program.
The "gateway IP address" and "gateway MAC address" are the real addresses of the gateway computer, and the MAC address of the spoofer is the MAC address of the ARP virus. The ARP virus pointed the gateway of the LAN to this IP address, causing other computers to be unable to access the Internet. Tips:
The characteristics of the ARP virus are that the computer of the virus will forge the MAC address of a computer, and if the fake address is the address of the gateway server, it will affect the entire network, and the user will often be interrupted from surfing the Internet instantly. Obtaining the spoofer IP "Antiarpsniffer" can block ARP viruses, but it is not effective in ** viruses. In order to get rid of the virus, you need to find the computer infected with the ARP virus.
Through the "antiarpsniffer" program, the MAC of the spoofer is obtained, so that the IP address corresponding to the MAC can be found.
-
You can install Kingsoft or 360's APR firewall on it, and block it automatically.
-
Next 360, turn on the ARP function of the Inside Firewall.
The two-way binding method is used to solve and prevent ARP spoofing. >>>More
This is easy to solve! Didn't you already know about attacking this IP address and MAC address? >>>More
In general, the final solution is to statically set your IP address with the physical address of your computer, because a network card has a unique MAC address. >>>More
The software is not good, why not negotiate directly with the landlord, please set it on the route, the landlord can't always look at his LAN attack, unless he deliberately makes it difficult for you Personally, I think it must be multiple people competing for network bandwidth Using some means, no one will have nothing to do with the sabotage, it is recommended that everyone discuss the speed limit for everyone** Try to watch less network TV Or inform the other party so as not to attack each other and cause inconvenience to yourself and others.
ARP attacks are launched from the data link layer, and ARP firewall and 360 are all application-layer software, which cannot be prevented. In addition, ARP and other network attacks have always existed, and network attacks are sometimes not deliberately sabotage, because the Ethernet protocol has inherent vulnerabilities and difficult-to-manage defects, resulting in various intranet problems. In order to completely solve intranet attacks, the only way to prevent and control the network card of each terminal is to prevent ARP attacks from being issued. >>>More