asdafdgfgf.com

if your connection suddenly slow and you see “asdafdgfgf.com ” on the status bar (below on the left side) of most browsers in your LAN then it means that one or more of those computers are infected by a trojan which is doing an arp spoofing. causing confusions in your LAN.

you have to find in which computer the trojan’s running, unplug the network cable form it and have it examined by a better antivirus than the one you’re currently using…:)

here’s a way to find it:
login to your router and find information about arp on the network, here’s what i did in my linux router as root :

$ arp -n | grep eth9.86 | grep -v inc

here’s the result :

192.168.173.33 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.77 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.105 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.32 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.35 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.6 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.73 ether 00:16:76:00:4A:ED C eth9.86
192.168.173.110 ether 00:16:76:00:4A:ED C eth9.86
…..and more

we can see that most of the ip’s have 00:16:76:00:4A:ED as the mac address. this is a strong indication that the computer’s doing arp spoofing and is the root of the problem. a normal condition should be like this :

192.168.173.33 ether 00:11:25:6B:6C:9E C eth9.86
192.168.173.77 ether 00:01:6C:9E:4C:A6 C eth9.86
192.168.173.105 ether 00:11:25:6B:63:BC C eth9.86
192.168.173.32 ether 00:11:25:F1:59:4A C eth9.86
192.168.173.35 ether 00:01:6C:9E:63:29 C eth9.86
192.168.173.6 ether 00:15:77:28:75:26 C eth9.86
192.168.173.73 ether 00:50:DA:3A:F5:15 C eth9.86
192.168.173.110 ether 00:16:76:01:86:F2 C eth9.86
192.168.173.2 ether 00:1B:54:ED:B3:C7 C eth9.86
…..and more

more information on this subject can be find at http://www.netoptima.in/arprotect/

Latest posts by gregor (see all)

1 thought on “asdafdgfgf.com”

Leave a Reply

Your email address will not be published. Required fields are marked *


*