Client LAN a database server, reinstall the operating system, no Internet, ping gateway 192.168.0.1 appear in more than 800 ms response time, also time-out drops, check IP, routing configuration, there is no problem. Open the Router Management page via IE http://192.168.0.1, the customer is using the China three routers, but out of a Tp-link router login Management page. Preliminary judgment for ARP Gateway spoofing.
The network administrator arranges the WinXP machine execution scripts that are not properly accessed by all networks in the LAN:
--WINXP machine, Gateway is 192.168.0.1, the MAC address of the gateway router is 46-22-d6-c2-6b-70
@echo off
Arp-d
Arp-s 192.168.0.1 46-22-d6-c2-6b-70
Schedule all network access Win7 or Win2008 machines in the LAN to execute scripts:
--win7,win2008 Machine, note that the IDX of the third row is the IDX value of the connection that is currently being used after the second line of the command is executed
--Gateway is 192.168.0.1, the MAC address of the gateway router is 46-22-d6-c2-6b-70
@echo off
Arp-d
Netsh i i show in
Netsh-c "I i" add neighbors idx "192.168.0.1" "46-22-d6-c2-6b-70"
Protection against ARP Gateway spoofing, IP Mac bidirectional binding script