-
Anonymous users2024-02-06First of all, it is clarified that ARP is not a virus, but a "protocol attack behavior", so it is called a virus because the current transmission mode and outbreak phenomenon of ARP attack tools have become closer and closer to viruses. ARP (Address Interpretation Protocol) is an indispensable key protocol in network communication protocols, which is responsible for translating IP addresses into corresponding MAC addresses. The existence of ARP gives good people an opportunity to take advantage of it, but without the ARP protocol, network devices will not be able to communicate with each other, which is the main reason why ARP is a mouse.
ARP viruses can be divided into two types, one is ARP spoofing and the other is ARP attack. ARP spoofing was first used by hackers to steal networks, and later it was widely used in network management tools such as cyber guards and cyber enforcement officers, where the scammers will send data to a disguised host to intercept the data. The ARP attack is purely for the main purpose of destroying network communication, sending fake ARP request packets or reply packets, so that all hosts in the network lose their orderly organization and contact, so ARP attacks have become an important way to fight each other in the business activities of Internet cafes.
For the ARP virus to spread, there must be a "broiler", that is, a host that is easily infected, and by gaining control of the host, it can send ARP spoofing, fake ARP request packets and reply packets. Due to the lack of distinctive characters and the importance of ARP in network communication, OfficeScan and firewalls are helpless against ARP viruses. Therefore, blocking the outflow of problematic data from the source and allowing legitimate ARP data packets at the same time is the ultimate solution to completely get rid of ARP trouble.
The patrol "immune wall" came into being, and the immune wall terminal installed on the PC can complete the guardian binding of MAC-IP, completely ** ARP virus impact, even if the machine is poisoned (delete the static binding list of the machine), it can not affect itself and the network. The patrol monitoring terminal installed on the server provides a "visual" operation platform for the network, which can not only achieve "attack positioning", but also limit the ARP virus to a single machine, completely avoiding its damage to the network. In addition, network administrators can develop policies to define attacks and develop "counter-action" measures as punishment.
At the same time, it cooperates with Xinxiang router with "ARP innate immunity" function to deal with ARP virus attacks on internal and external networks, forming a complete solution of trinity. Wish.
For known viruses, after installing antivirus software, you can scan your computer to see if it is poisoned. If you have an older virus database, some antivirus software won't be able to detect it. Here's how to help. >>>More
You can make the next kill, or you can remove it manually. >>>More
In the process of installing the system, you can format the C drive, if you use the ghost installation system, he will automatically overwrite the original things of the C drive. >>>More
It may be a false positive, add an exclusion.
Method 1 Use antivirus software to kill the virus Press F8 to enter the safe mode to kill the virus If it doesn't work, teach you to kill him manually Go to regedit search The file that appears above msconfig is removed from his entry under the startup In safe mode, delete the file under document 1 **local 1 temp (**is the user name) Method 2 Redo the system, format the C disk first and then do it, a new virus comes with a restore card technology. The final interpretation of this belongs to Jay, and it is strictly forbidden to **!! Wish.