AntiARP is the first software offers a whole set of solution to ARP problems in China. It has been programmed by Colorsoft since 2005, and its intellectual property rights are owned by Colorsoft.

From the introduction of ARP and ARP spoofing we can understand that only when the following two aspects are insured, the security between host computer and gateway can be sure.
1. The MAC address from gateway to localhost is correct
2. The MAC address from localhost to gateway is correct
AntiARP can perfectly ensure the above demands. First, AntiARP intercepts spurious ARP data packet through OS kernel, which ensures that the MAC address from gateway to localhost is correct. Second, the Active Defence function of the AntiARP will ensure that the MAC address from localhost to gateway is correct.



The main features of AntiARP:

1. Intercept incoming ARP attack. Intercept incoming spurious ARP packets in OS kernel to protect system to ensure a correct local ARP cache table.
2. Intercept outgoing ARP attack. Intercept outgoing spurious ARP packets in OS kernel to reduce localhost's attacking others after affecting malicious programs.
3. Intercept IP conflict. Intercept ARP packets of Ip conflict in OS kernel to protect system from attack of IP conflict.
4. Active defence. Actively keep communication with gateway and send the correct MAC address to gateway to keep smooth internet connection and communication security.


Besides main features, there are AntiARP's assistant features which will help in the use of main features. They are:

1. Intelligent Defense. Can detect and react to the condition when only the gateway is being ARP spoofed.
2. Trusted Route Monitor. Can detect and react to condition when only the gateway is being ARP spoofed.
3. ARP viruses cleaner. Can locate the local viruses when the localhost has outgoing ARP attacks.
4. Prevent Dos attack. Intercept outgoing spurious DoS data packet of TCP SYN/UDP/ICMP/ARP in OS kernel, note the position of programs which send Dos attack maliciously, and ensure smooth internet connection.
5. Safety mode. Never response ARP request from other machine except gateway to have a hiding effect and reduce ARP attack.
6. ARP flow analysis. Analyze all ARP packets localhost receives, monitor internet and find out potential attacker or infected machine.
7. Monitor ARP cache table. Monitor and repair local ARP cache table automatically. If gateway's MAC address changed by malicious programs is found, alarms will ring and the false address will be fixed automatically.
8. Locate attacker. When the software is aware of attack, it will quickly locate the IP address of attacker.
9. Protect System Time. Prevent the system time from being changed by hostile programs so that to prevent the invalidation of guarding softwares.
10. IE startup page Protection. Prevent IE startup page being changed by hostile programs.
11. ARP cache table protection. Prevent ARP cache table being changed by hostile programs.
12. Self Protection. Prevent AntiARP itself being close by hostile programs.
13. Detect network management software in Local network, like netcut, etc.


The AntiARP can be subdivided into two editions: the Personal Edition and the Server Edition.
These two editions use the same installation program and after the installation the it will automatically identify which edition has been installed according to the operating system edition.
ARP is the English abbreviation of Address Resolution Protocol. It is a link layer protocol working on the OSI Layer2 to provide a link between the layer and the hardware interfaces, and meanwhile serve the upper layer.

The Ethernet exchange equipments on the Layer2 can't identify the IP address which has 32 bits. They transmit the Ethernet data packets through 48-bit Ethernet address, which means that the transmission of IP data packets on the LAN relies on the MAC address, not the IP address, to identify the target. Thus, a corresponding relation must be set up between the IP address and the MAC address, and hence producing the ARP protocol.