最新ARP2007病毒防御和解决方法
最新ARP2007病毒防御和解决方法
最新ARP病毒大家都说双绑没用,并不是绑定没用,你绑定的时候是不是突IP?只绑定网关一个?
只绑定网关最新病毒就可以发挥他的做用,大家在绑定的时候记住一定要把本机IP和MAC 一起和网关绑定了 这样最新的ARP病毒就发挥不了他的作用了
下面是自动探测本机MAC 和网关IP 批处理,保存为BAT格式文件,然后加入启动项里面。
@Echo off
Set localip=**localip**
For /F "tokens=2 delims=:" %%i in ('IpConfig /All^|Find /i "Ip Address. . . . . . . . . . . . :"') Do @Set localip=%%i
Set localip=%localip:~1,100%
Set localmac=**localmac**
For /F "tokens=2 delims=:" %%i in ('IpConfig /All^|Find /i "Physical Address. . . . . . . . . :"') Do @Set localmac=%%i
Set localmac=%localmac:~1,100%
Set gateip=**gateip**
For /F "tokens=2 delims=:" %%i in ('IpConfig /All^|Find /i "Default Gateway . . . . . . . . . :"') Do @Set gateip=%%i
Set gatelip=%gateip:~1,100%
ping %gateip% -n 1 > nul
Set gatemac=**gatemac**
For /F "tokens=2 delims= " %%i in ('arp -a %gateip% ^|Find /i " "') Do @Set gatemac= %%i
Set gatemac=%gatemac:~1,100%
arp -s %localip%%localmac%
arp -s %gateip%%gatemac%
set sv=sv-shop
Set svgmac=**svgmac**
For /F "tokens=2 delims==" %%i in ('nbtstat -a %sv% ^|Find /i "MAC Address ="') Do @Set svgmac=%%i
Set svgmac=%svgmac:~1,17%
Set svgip=**svgip**
ping %sv% -t -n 1
For /F "tokens=1 delims= " %%i in ('arp -a^|Find /i "%svgmac%"') Do @Set svgip=%%i
Set svgip=%svgip:~0,100%
arp -s %svgip%%svgmac%
set sv=shop
Set svgmac=**svgmac**
For /F "tokens=2 delims==" %%i in ('nbtstat -a %sv% ^|Find /i "MAC Address ="') Do @Set svgmac=%%i
Set svgmac=%svgmac:~1,17%
Set svgip=**svgip**
ping %sv% -t -n 1
For /F "tokens=1 delims= " %%i in ('arp -a^|Find /i "%svgmac%"') Do @Set svgip=%%i
Set svgip=%svgip:~0,100%
arp -s %svgip%%svgmac%
建议用VBS 启动它 开机没有任何显示,下面是VBS脚本
Set shell = Wscript.createobject("wscript.shell")
a = shell.run ("X:\arp.bat",0)
最简单的ARP防御注册表
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"ArpRetryCount"=dword:00000002
"arpcachelife"=dword:00000001
"ArpCacheMinReferencedLife"=dword:00000001
您现在的位置: 
