In network the Address Resolution Protocol (ARP)
is the standard protocol to be use to look for a
MAC Address of host when only its IP Address is
To achieve ARP spoof,
IP Address or MAC Address will be
it will be a large
From the way of affecting network connection, there
are two possible ARP attacks, one is
cheating router. Of course, the two attacks may
occur at the same time. Anyhow, once there is ARP
spoof in network, the data
and computers will be sent to wrong MAC Address
and the connection can’t establish successfully.
How do we prevent ARP spoof?
According to the two cheat ways, we have to prevent
ARP spoof both on
What do I need to prepare before preventing ARP
When you enable ARP spoof preventing function (MAC
Address binding) on TP-LINK Router, you’d better
do not obtain IP Address dynamically on your computers,
because it will obtain different IP Address with
the one in
Address & IP Address binding entry. Please set static
TCP/IP properties on your computer.
Disable DHCP Server on the router after you login
the Web-based Utility of it.
(1) Click DHCP-DHCP Settings
on the left page.
Disable item for
(3) Click Save button to
How to set the router to prevent ARP spoof?
Open the web browser and type the LAN IP address
of the router in the address field, the default
IP address of TP-LINK router is 192.168.1.1/192.168.0.1,
and then press Enter.
Type the username and password in the login page,
the default username and password both are admin.
Click IP & MAC Binding->Binding setting on the left
Select Enable ARP Binding, and click Save.
Click ARP List on the left page, you can see ARP
table the router learns.
If you can confirm the ARP table is correct, please
click Load Add and Bind All, then all IP Address
and MAC Address of your computers showed on the
ARP table will be binded.
But if you can’t confirm the ARP table is
please add IP Address and MAC Address of your computers
(1) Click Add New to set IP & MAC Bingding.
(2) Enable Bind, and type the MAC Address and IP
Address of your computer.
You should know the MAC address of the computers
which you would like to allow them to access the
Internet. You can view them on the computers with
(1)Click Start->Run, type cmd and press Enter.
(2) Type ipconfig/all at the prompt window, press
Enter, it will show the MAC address and other address
information of this computer.
Click Save to save the settings.
How to set on computer to prevent ARP spoof?
At first you should know MAC Address of the router,
you can view the information on LAN
Status after you login Web-based Utility.
ARP command program is built-in on Microsoft Operation
System, we can use it on prompt command.
Click Start->Run, type cmd and press Enter.
Type arp –s 192.168.1.1 00-19-e0-fa-5b-2b on the
window and press Enter.
192.168.1.1 is IP Address of router and 00-19-e0-fa-5b-2b
is MAC Address of router. Then type arp –a on the
window, we can view the type of entry we add is
we have added static arp binding entry on computer
then the data to router won’t be sent to wrong place.
But we will find the entry will disappear after
computer and we need to re-type the command.
How can we do to make it running automatically without
typing command manually every time?
We need to create a batch file with extension name
which is .bat, such as static_arp.bat, and edit
it. Please type ARP command on it to bind IP Address
and MAC Address of the router on your computer,
then save it.
Then click Start->All Programs, double click Startup,
locate the batch file static_arp.bat in the folder.
After doing this, it will run arp command automatically
the computer every time.