In such a situation, is it an ARP virus?

Updated on society 2024-04-14
3 answers
  1. Anonymous users2024-02-07

    It's not an ARP virus, it's unlikely that ARP is in diskless Internet cafes, and it's not the phenomenon you're talking about. Slow startup could be something else.

  2. Anonymous users2024-02-06

    The principle of ARP spoofing.

    The ARP spoofing used by cyber enforcers makes it impossible for an attacked computer to access the Internet by preventing the computer from finding the MAC address of the gateway. So what's all about ARP spoofing? Knowing what it is, knowing why it is is our fine tradition of Hacker X Files, let's talk about this below.

    First of all, let's talk about what arp is, arp (address

    resolution

    Protocol) is an address resolution protocol, which is a protocol that converts IP addresses into physical addresses. There are two ways to map from an IP address to a physical address: a non-one.

    Specifically, ARP parses the address of the network layer (IP layer, which is equivalent to the third layer of OSI) to the MAC address of the data connection layer (MAC layer, which is equivalent to the second layer of OSI).

    ARP principle: If machine A wants to send packets to host B, it queries the local ARP cache table, finds the MAC address corresponding to B's IP address, and transmits data. If it is not found, an ARP request packet (carrying the IP address of host A is -- the physical address PA) is broadcast, and the request IP address is the physical address PB of host B of IB.

    All hosts on the network, including B, receive ARP requests, but only host B recognizes its IP address and sends an ARP response packet to host A. It contains the MAC address of B, and after A receives B's reply, it will update the local ARP cache. This MAC address is then used to send data (the MAC address is attached by the network card).

    Therefore, the ARP table of the local cache is the basis of local network circulation, and the cache is dynamic.

    The ARP protocol does not receive an ARP reply only when an ARP request is sent. When the computer receives the ARP reply packet, it will update the local ARP cache and store the IP and MAC addresses in the ARP cache. Therefore, if B sends a forged ARP reply from B to A, and if the reply is forged by B impersonating C, that is, the IP address is the IP of C, and the MAC address is forged, then when A receives the forged ARP reply from B, it will update the local ARP cache, so that A's IP address has not changed, and its MAC address is no longer the original one.

    Since the network circulation of the LAN is not based on the IP address, but according to the MAC address. Therefore, the forged MAC address is changed to a non-existent MAC address on A, which will cause the network to be unreachable, resulting in A not being able to ping C! That's a simple ARP spoof.

    That's how cyber enforcement officers take advantage of it! Knowing how it works, it's much easier to break through its defenses.

  3. Anonymous users2024-02-05

    The main symptoms at the time of ARP attack:

    1. Frequent loss of online banking, games and QQ.

    In order to obtain illegal benefits, some people use ARP spoofing programs to carry out illegal activities in the network, and the main purpose of such programs is to crack the encryption and decryption algorithm at the time of login, by intercepting the data packets in the local area network, and then intercepting the user's information by analyzing the data communication protocol. By running this type of Trojan virus, you can obtain and steal the details of Internet users in the entire local area network.

    2. The network speed is sometimes fast and slow, and it is extremely unstable, but everything is normal when the single machine is tested for optical fiber data, and after a computer in the domain is illegally invaded by the ARP deception program, it will continue to send a large number of illegal ARP deception data packets to all computers and network equipment in the network, blocking the network channel, causing the network equipment to be overloaded, resulting in unstable communication quality of the network.

    3. Frequent regional or overall disconnection in the local area network, restart the computer or network equipment to return to normal when the computer with ARP deception program communicates in the network, it will lead to frequent drops, restarting the computer or disabling the network card after such problems will temporarily solve the problem, but the drop will still occur.

    Wish!!

Related questions
2 answers2024-04-14

There are two types of ARP spoofing, one is the spoofing of the router's ARP table; The other is gateway spoofing for intranet PCs. 360 Security Guard comes with an ARP firewall and can be used.

7 answers2024-04-14

Whatever your family does, it's for your good, and I hope you can understand them. But the problem is, they don't understand you, and that's a big problem. You are very filial, and you can see it, so you are embarrassed by yourself. >>>More

10 answers2024-04-14

Since you can find it out, find the file, and delete it after unlocking it with unlock software, it's very convenient.

4 answers2024-04-14

If you are a doctor, what should you do if you encounter such a problem? I don't think the residual glass shards in the wound were deliberately left in the doctor. Besides, the doctor's eyes should be the same as yours, maybe more short-sighted than yours, can you guarantee that the pig's head will be cleaned? >>>More

17 answers2024-04-14

Ebola virus (EBV) belongs to the Filoviridae family and is a long, negative-stranded RNA virus with 18,959 bases and a molecular weight. There is an envelope on the outside, the diameter of the virus particles is about 80 nm, the size is 100 nm (300 1500) nm, and the virus with strong infection ability is generally about (665 805) nm long, with branched, U-shaped, 6-shaped or ring-shaped, and branched shape is more common. There is a capsule with (8 10) nm long fibrils on the surface. >>>More