ARP spoofing phenomenon:
A, the local area network frequent regional or overall drop down, restart the computer or network devices after the normal return. When a computer with ARP spoofing is communicating within the network, it causes frequent drop of the line, and when such problems occur, restarting the computer or disabling the NIC or restarting the network device will temporarily solve the problem, but the line drop will occur;
B, fast speed when slow, extremely unstable, however, when the data test is carried out by a single machine, when a computer in the domain is illegally invaded by ARP spoofing program, it will continuously send a large number of illegal ARP spoofing packets to all the computers and network devices in the network, blocking the network channel, resulting in heavy load of the network equipment, Cause the communication quality of network is unstable;
C, online banking, games and QQ account frequent loss of some people in order to obtain illegal benefits, using ARP spoofing program to carry out illegal activities in the net, the main purpose of such programs is to crack the encryption and decryption algorithm when the account is logged in, and then intercept the user's information by intercepting the packet in the LAN and then analyzing the data communication protocol. Run this type of Trojan virus, you can get the entire LAN Internet user account details and steal.
How to determine ARP spoofing:
A, landing to the router, view the "Running state" ―> "LAN port State", the router has the MAC address information;
On computers that are unable to access the Internet, click "Start"-> "Run" and enter "cmd" to eject the command prompt window. Enter Arp-a to view the ARP counterpart information for this computer. If normal, the ARP mapping relationship should correspond to the IP and MAC addresses that are seen in the "Running state" on the router. The following figure:
b, if you enter at the command prompt: Arp-a, see that the corresponding MAC address of the gateway is not the LAN Port MAC address of the router, then ARP spoofing has occurred. The following figure.