(The interface of WinArpAttacker is divided into four output areas. The first area: the host list area, the displayed information includes the IP, MAC, host name of the machine in the LAN, whether it is online, whether it is monitoring, and whether it is under attack. In addition, there are some ARP data packets and forwarding data packet calculation information, such as ArpSQ: the number of ARP request packets sent by the machine ArpSP: the number of reply packets sent by the machine ArpRQ: the received request packets of the machine ArpRQ: is the number of received reply packets of the machine Packets: is the number of forwarded packets, this information is only valid when SPOOF is performed. Traffic: The forwarded traffic, in units of K, this information is only valid when SPOOF is performed. The second area is the detection event display area, where the detected host status changes and attack events are displayed. See the English documentation for a list of things that can be detected. There are mainly IP conflicts, scanning, SPOOF monitoring, local ARP table changes, new machine online and so on. When you move over it with the mouse, a description of the event is displayed. The third area shows the items in the ARP table of the local machine, which is very advantageous for monitoring the changes in the local ARP table in real time and preventing others from conducting SPOOF attacks. The fourth area is the information display area, which mainly displays some output when the software is running. If there is an error in the operation, it will be output from here. Well, that's it for the software interface.)