-
The most fundamental solution to prevent ARP attacks is to set up static ARP tables.
Set the IP address to be bound to the MAC address on the router side, and set up a static route table on the access computer side, so that the fewer computers connected to the route, the simpler, the easier.
From the perspective of a complex network, it is not very useful to install antiARP on your computer, and the packets you send may not be able to reach the right place in the case of an ARP attack, because the ARP table of another address will not be able to receive the data you want to send to him.
-
Kingsoft Shell ARP Firewall.
4.Intercept external ARP attacks: Intercept external ARP attack packets at the system kernel layer to prevent the local device from being infected with viruses and Trojans from becoming the source of attacks.
5.Security mode: does not respond to ARP requests sent by machines other than the gateway to achieve stealth and avoid ARP attacks.
6.Trojan Horse Detection: Integrate the "Shell Trojan Kill" function to protect your computer from Trojan viruses.
-
Halo Find the host of the ARP attack to see if it's a virus or network management software It's not easy to do.
Toxic and poisonous, not poisonous and murderous.
-
How do you want to prevent ARP? If you want to prevent it thoroughly, you have to use an immune wall, and the most thorough defense against ARP.
-
When I was a network administrator, the biggest headache was ARP, which was broadcast, that is to say, I had to find a way on the VLAN (virtual LAN), and each port made a VLAN, and I had to cooperate with the switch that could be managed to do it, but you didn't have the ability to use a wireless router. Therefore, it is really unrealistic to put an end to it, and several people in our computer room have exhausted all methods (including tying IP, installing patrol police, antiarp, etc.), and finally relying on the network management switch and Tietong's strong router backing to not die routing.
What you can do:1If your unit machines are fixed, put 360 Security Guard on each machine and turn on LAN ARP defense.
2.Then change your router IP to not use the default or this common network management to reduce the possibility of being attacked.
-
If you set it up like this, if it is a wireless router used as a secondary router, it must be used as a wireless AP.
1. First of all, change the WAN port of the wireless router to a different network segment, the default is to wait for 1 network segment anyway, and all routers are almost 1 network segment, that is, the WAN port network segment of the wireless router should not be in the same network segment as the network segment of the above router.
2. The second is to turn off the DHCP function of the wireless router, which depends on the company, some companies are automatically obtained IP addresses and some companies are fixed IP addresses, the DHCP function of the first-level router is turned on, pay attention to the range of IP addresses must be planned, and the range of IP addresses obtained automatically must not conflict with fixed IP addresses.
However, there are many ARP attacks nowadays, and traditional measures to prevent ARP are not very effective, so you can learn about immune-strong routers.
The router you bought has a manual inside, and different router settings are different.
You can use the route as an exchange, that is, the access line, connect to the LAN port, and then change the DHCP address to your original network segment address, or close the DHCP server, and manually fill in the IP address after the laptop wireless access.
If it is a wireless bridging, the model of the two routers must be the same model as well, I have also bridged a lot of routers, in general, TP bridges Tengda's can be, but with Tengda's bridge to other routers, the success rate is not high. First enter your router, then click to turn on WDS, then scan, find your other router, then click to connect, then enter cmd in the run dialog box, and then enter, click OK, if the number can appear, it means that it can be passed. Then enter your path finder, change the IP of the machine to, that is, to separate from the IP address of the router you want to bridge, at this time run in the dialog box, enter ping If it can be passed, it means that the signal of the previous router can be received, and then enter if it is also passed at this time, it means that the bridge is successful, at this time go back to the interface of the router you bridged, take a look at the moving status, if the display is successful, then good luck, this and then turn off the DHCP, and then it's OK, of course, Not all routers can be bridged successfully, some can succeed, some can't, good luck.
There is no doubt that the problem should be approached in this way: >>>More
Continue to select "ADSL Virtual Dialing (PPPoE)", then enter the password of your broadband, next, save, and then connect, the IP address appears to indicate that the connection is up, provided that your broadband is normal, if the setting still does not work, then you try to restart the modem and router, and try again. >>>More