How to prevent ARP viruses and protect yourself from personal computer viruses

You can change your password. Access the router and bind the IP address to the MAC address in it so that the ARP attack is ineffective.

It is recommended that you also enable ARP Firewall.

There are two types of ARP spoofing: one is to spoof the router ARP table, which intercepts gateway data. Notify the router of a series of wrong intranet MAC addresses, and continue to do so according to a certain frequency, so that the real address information cannot be saved in the router through updating, and as a result, all the data of the router can only be sent to the wrong MAC address, resulting in the normal PC cannot receive the information, resulting in disconnection or inability to access the Internet when surfing the Internet; The other is gateway spoofing of the intranet PC, spoofing the MAC address of the gateway, sending ARP packets to deceive other clients, and letting the PC deceived by it send data to the fake gateway, instead of accessing the Internet through the normal router, resulting in disconnection or failure to access the Internet when surfing the Internet.

In response to this situation, Ruixing provides the following solutions:

Method. 1. On the machine that receives the ARP spoofing, in the Start--Run, enter "cmd", enter MS-DOS, and enter the "arp -a" command through the command line window to view the ARP list. You will find that the MAC has been replaced with the MAC that attacked the machine, record the MAC (in case you need to find it), and then find out the computer with the virus based on this MAC.

Method. 2. Use a third-party packet capture tool (such as SNIFFER or AntiARP) to find the IP address that sends the most ARP packets in the LAN, and you can also determine the computer with the virus.

The virus that causes ARP spoofing is actually an ordinary virus, which can be completely solved as long as you determine the source of the starting package and use antivirus software to check it.

That's how it should be. Anyway, there are not many computers, and each computer in the poisoned LAN has a 360ARP. It should be OK! (360ARP needs to be turned on manually!) ）

Yes, just settle them.

2. All computers in the network are patched with system vulnerabilities in a timely manner.

ARP attack is an attack technique against Ethernet Address Resolution Protocol (ARP). This type of attack allows an attacker to obtain data packets on a LAN and even tamper with them, and can make it impossible for a specific computer or all computers on the network to connect properly. You install a 360 security guard, the ARP firewall of the 360 Trojan protection wall is very powerful, it can effectively prevent ARP attacks, this is off by default, you open it yourself, it's OK, it's a very effective ARP firewall, I hope my answer is helpful to you.

The real-time protection in 360 Security Guard is turned off by default by ARP firewall, and you can turn it on when you find it in real-time protection.

I've also encountered additional problems, I used the most stupid method, installed 360 security guards on all the machines in the unit and turned on the ARP protection, and then let the unit kill the virus by themselves. I haven't had this problem in 5 years.

ARP attacks in the LAN are very normal, as long as you install a 360 security guard, and then turn on this ARP firewall you can rest assured, can be a good defense against ARP attacks in the LAN.

The IP and MAC of this attacker can be spoofed.

The easiest way to do this is to bind it in cmd with arp -s gateway ip) 00-aa-00-62-c6-09 (gateway mac).

The most useful thing is that every machine in the LAN is equipped with an ARP firewall.

A very simple way to turn on ARP attack blocking in 360 Security Guard protection.