-
What does a firewall do? Is it to prevent external attacks, to prevent external illegal links from intruding? You rely on him to solve ARP attacks and intranet problems for you.
It's not that the firewall can't do it, but the firewall doesn't do this at all, you let the firewall, anti-virus software, and Internet behavior management equipment solve ARP attacks and intranet problems, it's like asking a washing machine to help you heat a meal, it's unreliable.
As we all know, the only thing that can solve the problem of intranet security is that the immune wall router can do it, and the device is not a simple hardware device, but a fusion of immune network technology developed by domestic technicians to solve the problem of intranet attacks and intranet viruses. You can buy one and try it out.
-
The IP address and MAC address are bound. That's what happens. The IP address of other networks is not necessarily the IP address you bind. After you unbind it and get it automatically, try it.
-
Normally, the computer is affected by ARP intrusion attacks and DNS spoofing attacks, which are caused by the poisoning of one or several computers in the local area network, and there are several ways to solve the problem:
1. Install anti-virus software on all computers in the LAN, disconnect the network, scan and kill viruses 2. Enable the firewall on the computer, enable the ARP firewall in the security guard or anti-virus software3. Set the IP address of the computer to a fixed IP, and do not use the dynamic acquisition of the IP address 4. Enter the router and bind the IP address and MAC address of all computers in the LAN 5. On the computer, click [Start] [Run], enter cmd, press Enter, enter arp -d, press Enter, The main purpose is to clear the ARP table. Then enter arp -a, press enter, check the arp table, and if you can still see suspicious arp table entries, execute arp -a few more times.
In most cases, after performing the preceding steps, ARP intrusion attacks and DNS spoofing attacks can be resolved.
-
Answer: 1, he attacks you and affects your Internet speed, relatively speaking, his speed can be improved.
2. Computer poisoning is a normal phenomenon, some people don't know that the computer is poisoned, and they don't stop sending deception information to your local area network.
3. Deploy the immune network and manage each terminal.
-
1.Maybe someone else has opened software that limits the speed of the Internet and wants to monopolize the Internet by themselves.
2。It could also be that one of the computers in the network has been infected with the ARP virus, and the virus is automatically attacking the network.
3。Just leave the 360 firewall open and not afraid of being attacked.
-
Because some terminals in the intranet have been infected with ARP viruses or other intranets. ARP attacks are divided into two types: one is to deceive the intranet client, that is, the host in the ARP virus constantly sends the wrong gateway MAC-IP correspondence in the LAN with a high frequency (sending broadcasts to other hosts in the LAN saying that it is the gateway), and as a result, other hosts in the LAN send data packets to the poisoned host, which eventually causes the data to be sent out and dropped; The other is to deceive the gateway, that is, the infected machine continuously sends the wrong MAC-IP correspondence of the intranet client to the gateway at a high frequency to change the ARP table of the gateway (that is, to tell the gateway that the MAC corresponding IP address of the client below is its own), causing the data sent from the private network to the public network to be returned to the poisoned host when it is returned, and finally causing the intranet client to be unable to accept the data returned by the public network and display the disconnection.
Ethernet has protocol vulnerabilities and is not good at management, which is the technical root cause of frequent network problems. Immunity wall technology is aimed at and solves this problem. Intercept and control directly on the NIC.
Its main features: the technical scope of the immune wall should be extended to the end of the network, to the lowest level of the protocol, to the entrance and exit of the external network, and to the most complete picture of the intranet, which is to hope to fully resist the network virus through the network itself, and at the same time improve the management of the business, so that the network can be controlled, managed, prevented, and considerable.
-
It's normal, there will always be some people with ulterior motives on the Internet who engage in this kind of thing, and they are not aimed at you, but usually carry out this kind of scanning and attacking the entire network segment. Patch the system, and it's better to add a firewall.
-
He uses nothing more than network management software like P2P terminators.
The principle of this type of software is to mimic a router in a local area network. The signal that let the telecom (Netcom) come in passes through the router and then passes through his computer. The software will then send the ARP spoofing packet to your computer.
To put it simply, your network must first pass through his computer in order to control your internet speed.
To solve it, there are several ways.
1.If you have the permission to log in to the router, you can set the Internet access permission in the router to bind the router MAC address, so that his software can't deceive you (but if you can't get into the router, there is no way).
2.Install a higher-privileged P2P terminator or something on your computer, and you can usually find it by searching online. This allows him to be controlled in turn. (but not recommended).
3.The easiest and most effective way is to create an ARP firewall, such as the 360ARP firewall (this firewall needs to be enabled in the network protection in 360 Security Guard), the Shadow Firewall, and so on. I used the 360 one, which was very easy to use, and I blocked all the ARP spoofing packages.
It's all written by yourself, so give a point if you're satisfied.
-
Create a new notepad, copy the following into it, and then change the txt of the suffix to bat and save it, and then run it.
echo off
if exist del
ipconfig /all >
if exist del
find "physical address" >for /f "skip=2 tokens=12" %m in ( do set mac=%%m
if exist del
find "ip address" >
for /f "skip=2 tokens=15" %i in ( do set ip=%%i
arp -s %ip% %mac%
deldel
delexit
-
You first look at how many gateways you have, let's say the gateway is, then start - run - enter cmd, in cmd type :route delete (this is the default route to delete) and then type: route add -p mask metric 1 Enter to confirm.
-
A special move against ARP attacks, so that you will never drop under the rain of ARP attacks.
Does your LAN drop frequently? Have you been the victim of an ARP attack? Have there ever been annoying IP conflicts? If so, or just in case, see below to teach you the tricks against ARP attacks, so that you will never drop under the rain of ARP's attacks.
What happened: First. In the local area network, there are often people who use tools such as network law enforcement officers and scissor hands to restrict other people's access to the Internet.
Second. If someone is infected with a virus in the LAN, a large number of ARP attacks will be automatically sent to the LAN.
Principle: The ARP protocol is the basis for finding IP and network cards in the Windows network. So you can't get around it.
All methods of defense against ARP attacks must be licensed under the ARP protocol. As a result, the current network tools that are okay, such as 360 security guards, can only monitor the attack information, but they can't do anything about it.
Specify the IP address of the virtual NIC as the gateway of the NIC you normally use, for example, the address of your NIC is now and the gateway is, then give the new NIC address, and then right-click the new NIC to disable. This network card must be disabled, otherwise you will go to the virtual network card when you surf the Internet, in fact, it will not work.
-
Bind a static APR table in both directions.
Install ColorShadow, find the source of the attack, and use the cmd command to destroy it directly.
Online learning under the tide, the software configuration is as follows.
Order: cmd death order.
Target: The other party's IP
DNS Value: the DNS value of the other party.
Attack Frequency: 1000m sc
Condition: Network Expansion Packet Broadcast.
Or learn the principle of ARP attack, there is generally an anti-ARP toss-up method.
It's normal for my ARP firewall old prompt to be attacked! You don't have to try to intercept it. What's more, hackers abound now, intercepting one, but not ten thousand. >>>More
I also found out that the path is in C: documents and settings administrator local settings temp >>>More
Some time ago, our company was also attacked, the reason is that the employee received and clicked on the virus, which once paralyzed the company's intranet. >>>More
At present, most of the problems in dealing with ARP spoofing are that the gateway and the terminal bind the IP and MAC addresses in both directions, and then install the ARP firewall on the terminal, but this is not possible. >>>More
You have to hurry up and close the loopholes in the system, it's still too late.