(The switch is bound to the MAC address and port, and the gateway IP and MAC address are bound to the client. The "double binding" method is used to prevent, but due to the heavy workload of the network management, it cannot ensure that all users are bound on their own computers. Gateway IP and MAC address, so we take the following methods to prevent and find ARP attacks. We recommend users to install the ARP firewall (formerly known as AntiARPSniffer) developed by ColorSoft on their own computers. This software blocks false ARP packets at the system kernel layer and automatically informs the gateway of the exact MAC address of the local machine, which can guarantee the computer where the software is installed. Normal Internet access; block external ARP attacks on this machine and local ARP attacks on external machines. If an internal ARP attack is found, just manage the computer directly; if an external ARP attack is found, search the attacker's computer through the attacker's IP address and/or MAC address according to the actual situation)