ARP Spoofing Defense? Can you control your computer remotely?

What exactly ARP deception is, what it is, this encyclopedia says better than me, so I won't talk about it here. ARP spoofing generally occurs in the local area network, and the spread of many viruses in the local area network relies on ARP spoofing to achieve it. However, nowadays, some simple settings can prevent ARP spoofing by a slightly experienced network manager.

If your cousin's computer is connected to the Internet on a local area network, it is possible to take control of your cousin's computer by spreading Trojans through ARP spoofing. But I don't understand what you mean: controlling a computer with ARP spoofing defense.

Trojan is a program that can control other people's computers,Your cousin's computer should be a Trojan.,It is recommended that you check and kill the virus,Or reinstall the system.,To be honest, I'm here for your points.,If you don't understand, you can add me Q.,Help you solve the problem at any time.,I hope to give points.,Thank you.。

My inference: Her computer network speed is not good, so I called someone to do it, and that person installed the ARP firewall, turned on the ARP spoofing defense function of the firewall, and the network speed was good. But that person also left a backdoor on the computer, may have created an administrator account and opened the remote desktop, may have installed a no-kill Trojan, or added the Trojan to the trust list of antivirus software, and that person can easily control the computer remotely.

Of course, being remotely controlled is not necessarily the person who did it, but it may also be a Trojan horse on the Internet. Wish.

360 Trojan firewall with it. Click Settings to see the ARP Firewall option in the left list.

LAN,It's easy to be attacked by other computers' ARP,It's good to install a good ARP firewall,This I've been using the 360 security guard's ARP firewall,This function is still good。

1. arp -a is mainly used to view and check the mac address, and this command is mainly used to find the source of arp virus or attack.

2. ARP -S can be used to bind IP addresses and MAC addresses, generally only need to bind gateways. It can be started automatically by making batch files.

3. No matter what restrictions you have here, since viruses and ARP attack tools can come in, then antivirus software and other tools should also have a way to get in, and removing the root cause is the most fundamental, which requires the help of software.

It's good to be 360, this can be prevented, and it may be an IP conflict.

The next ARP firewall, such as the 360ARP firewall.

You can use 360 software to prevent ARP viruses and enable LAN protection. Or take the time to read the following tips.

LAN ARP Prevention Tips:

At present, the most effective way to protect against ARP Trojan viruses in LAN is to bind IP and MAC addresses between the gateway and the terminal, but this method still cannot effectively prevent ARP attacks on LAN. In fact, the most important reason is that when we found the ARP virus and set up a two-way binding, the ARP virus had already changed the MAC address of the local computer, resulting in invalid binding. On the other hand, there is man-made destruction, such as the use of P2P terminators in the LAN, and many other situations, which may lead to a large number of ARP packets in the LAN, which will lead to the degradation of network performance.

How should we face and solve these problems?

First, do a good job of the first line of defense, so that the gateway and the terminal bind IP and MAC addresses in both directions. For each computer in the LAN, use the "ipconfig" command to obtain the local IP and MAC addresses, and add this information to the router ARP mapping table. At the same time, you can obtain the IP and MAC address of the router by viewing its LAN port parameters, and then implement static ARP binding on each computer in the LAN.

To do this, open the Run dialog box, enter cmd to enter the msdos interface, and use the ipconfig command to obtain the IP address and MAC address of the machine. Then open the browser, enter the address of the router, enter the router configuration interface, locate the binding position of ARP and IP address in the interface, set the "matching rules between the MAC address and the IP address of a stand-alone machine", and specify the IP address of each computer in the LAN to bind the corresponding MAC address.

Second, use "Network Parameters" - "LAN Port Parameters" to find the MAC address and IP address of the router, and then implement static ARP binding in each computer in the LAN. To do this, open the Run dialog box, enter cmd to enter the MSDOS interface, and then bind the gateway IP address and MAC address by entering the command shown in the figure.

Third, pay the price of less in exchange for the long-term peace of the local area network. Turn on the ARP firewall feature of the security protection software.

Fourth, we need to eradicate the roots and thoroughly track down and kill the ARP virus. The LAN ARP spoofing detection tool is used to determine the source of ARP attacks, and then the ARP killing tool is used to kill the virus. After finding and locating the source of the attack, install the ARP kill tool on the corresponding computer to perform the killing operation.

For example, when our machine is attacked by ARP, we find the MAC address of the attack source, compare the MAC address with the ARP mapping table in the router to determine the source of the attack, and then enter the ARP detection and killing of the host.

In severe cases of ARP spoofing, the network will be paralyzed.

The following options are recommended:

1.Enter arp -a in the DOS window. Check the MAC addresses corresponding to each IP address, if there are duplicate MAC addresses, ARP spoofing may exist.

2.If you install an ARP firewall, you can generally prompt an attack when there is an ARP attack**.

3.Install the "Network Health Detection Plug-in" in wfilter to detect the IP address, MAC address, and MAC vendor information of ARP attacks.