下载NbtScan1_5_1.rar解压缩后生成两个文件cygwin1.dll nbtscan.exe,将这两个文件copy到c:\windows\system32\下
下载Antiarp.rar 解压缩后生成Antiarp.exe,运行Antiarp.exe文件,并参考如下设置:

输入网关,点"获得网关MAC地址",输入本机IP和本机MAC(在dos输入ipconfig/all获得),点"防护地址冲突"

若局部网(VLAN)有ARP攻击,就会每格几妙提示来自xx-xx-xxx MAC机器的攻击,为了找到该MAC地址是那台机器,需要知道其IP

地址,在dos输入 nbtscan 192.168.1.xx-xx,则显示MAC与IP对应表,但安装了防火墙的机器,无法知道对应表,就需要手工查找,演示>>

或者通过交换机端口查找

nbtscan是一个扫描WINDOWS网络NetBIOS信息的小工具，2005年11月23日发布。
    NBTSCAN身材娇小，简单快速。但只能用于局域网，可以显示IP，主机名，用户名称和MAC地址等等。
    使用帮助：
nbtscan.exe -v
Usage:
nbtscan [-v] [-d] [-e] [-l] [-t timeout] [-b bandwidth] [-r] [-q] [-s separator] [-m retransmits] (-f filename)|(<scan_range>)
        -v              verbose output. Print all names received
                        from each host
        -d              dump packets. Print whole packet contents.
        -e              Format output in /etc/hosts format.
        -l              Format output in lmhosts format.
                        Cannot be used with -v, -s or -h options.
        -t timeout      wait timeout milliseconds for response.
                        Default 1000.
        -b bandwidth    Output throttling. Slow down output
                        so that it uses no more that bandwidth bps.
                        Useful on slow links, so that ougoing queries
                        don't get dropped.
        -r              use local port 137 for scans. Win95 boxes
                        respond to this only.
                        You need to be root to use this option on Unix.
        -q              Suppress banners and error messages,
        -s separator    Script-friendly output. Don't print
                        column and record headers, separate fields with separator.
        -h              Print human-readable names for services.
                        Can only be used with -v option.
        -m retransmits  Number of retransmits. Default 0.
        -f filename     Take IP addresses to scan from file filename.
                        -f - makes nbtscan take IP addresses from stdin.
        <scan_range>    what to scan. Can either be single IP
                        like 192.168.1.1 or
                        range of addresses in one of two forms:
                        xxx.xxx.xxx.xxx/xx or xxx.xxx.xxx.xxx-xxx.
Examples:
        nbtscan -r 192.168.1.0/24
                Scans the whole C-class network.
        nbtscan 192.168.1.25-137
                Scans a range from 192.168.1.25 to 192.168.1.137
        nbtscan -v -s : 192.168.1.0/24
                Scans C-class network. Prints results in script-friendly
                format using colon as field separator.
                Produces output like that:
                192.168.0.1:NT_SERVER:00U
                192.168.0.1:MY_DOMAIN:00G
                192.168.0.1:ADMINISTRATOR:03U
                192.168.0.2:OTHER_BOX:00U
                ...
        nbtscan -f iplist
                Scans IP addresses specified in file iplist.