& Nbsp; log on as an administrator. open the terminal and enter 1, # arp-a & gt; /etc/ethers imports the ip address and mac address to ethers2 and # vi/etc/ethers to edit the file format. the content of the ethers file must be deleted in the following format and changed to the format ipmac192.168.1.XXX: XX: XX: XX
Log on as an administrator and enter
1. # arp-a>/etc/ethers
Import ip and mac addresses to ethers
2. # vi/etc/ethers
Edit the file format. the content of the ethers file must be deleted in any of the following formats.
192.168.1.X XX: XX
192.168.1.X XX: XX
...
// Note that mac is capitalized, and there is no O, only zero, ip and mac space
3. # vi/etc/rc. d/rc. local // open and display the/etc/rc. d/rc. local file and the startup item file.
# I // Edit
// Execute arp-f at startup to bind according to the content in/etc/ethers
Add the last line in the/etc/rc. d/rc/local file
Arp-f
Exit editing from ESC
: Wq // save and edit
4. # arp-f // run the save binding
(Gateway mac is not included in ethers; otherwise, an error is reported)
This can only prevent some arp attacks. If you import all the ip mac addresses in the network into the ethers file, it can effectively prevent arp attacks.
1. nmap-sP 192.168.11.0/24
Scan, the result is that my arp table contains the mac of all machines in that network segment, copy all information to the/etc/ethers file
2, 3, 4 Same as above