请高手来看看我的ARP跟踪记事本，这是怎么回事，黑客攻击么？谢谢各位大侠了。我的瑞星防火墙却没有一点反应不知正常不正常？ bbs.ikaka.com

twh321 - 2010-10-10 19:00:00

请高手来看看我的ARP跟踪记事本，这是怎么回事，黑客攻击么？谢谢各位大侠了
这是我摘取了一部分日志，我是学文的，对这些不是很懂，望高手指点，应该怎样做才好。
2010-10-06 17:48:37 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:37 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:42 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:42 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:43 CLOSE UDP 192.168.2.84 219.146.0.130 64098 53 - - - - - - - - -
2010-10-06 17:48:43 CLOSE UDP 192.168.2.84 219.146.0.130 57285 53 - - - - - - - - -
2010-10-06 17:48:43 CLOSE UDP 192.168.2.84 219.146.0.130 64099 53 - - - - - - - - -
2010-10-06 17:48:47 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:47 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:52 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:52 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:57 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:48:57 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:02 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:02 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:07 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:07 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:12 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:12 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:16 OPEN UDP 192.168.2.84 219.146.0.130 57808 53 - - - - - - - - -
2010-10-06 17:49:16 OPEN TCP 192.168.2.84 211.103.159.78 3261 80 - - - - - - - - -
2010-10-06 17:49:17 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
2010-10-06 17:49:17 DROP UDP 192.168.2.84 255.255.255.255 2291 9997 49 - - - - - - - RECEIVE
下面是今天的，不知道是不是局域网有主机中毒了，还是局域网内有人攻击我的电脑？
2010-10-10 18:53:28 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:28 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:31 CLOSE UDP 192.168.2.84 219.146.0.130 57541 53 - - - - - - - - -
2010-10-10 18:53:33 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:33 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:38 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:38 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:43 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:53:43 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
紧接着还有，苦恼啊
2010-10-10 18:58:44 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:44 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:49 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:49 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:54 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:54 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:59 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:58:59 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:04 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:04 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:09 CLOSE TCP 192.168.2.84 219.238.235.105 2916 80 - - - - - - - - -
2010-10-10 18:59:09 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:09 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:14 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:14 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:19 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:19 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:24 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
2010-10-10 18:59:24 DROP UDP 192.168.2.84 255.255.255.255 1989 9997 49 - - - - - - - RECEIVE
各位大侠指点一下吧，很苦恼啊，天天这样，受不了。。。。。。。

用户系统信息：Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Embedded Web Browser from: http://bsalsa.com/; .NET CLR 2.0.50727)

09kaka - 2010-10-10 20:34:00

丢弃广播包:kaka2:

怎么还有外连

twh321 - 2010-10-10 20:53:00

我同时使用彩影ARP防火墙和瑞星的ARP防火墙，有时两者好像冲突不兼容。你说的这个我也不知道，我用的是系统防火墙的日志。是不是我把一部分处于混杂模式的主机加入瑞星防火墙的黑名单的缘故？:kaka4:

09kaka - 2010-10-10 21:20:00

丢弃和自己无关的广播是正常的吧网络有异常吗

twh321 - 2010-10-10 21:24:00

谢谢你的解答。有时网络无缘无故掉线，拔一下网线才可以重新连接，甚至打开网页CPU有时候会达到100%，我一直怀疑局域网内有人恶意APR攻击:kaka6:

09kaka - 2010-10-10 21:41:00

先把网关做MAC绑定
抓包看下有没有IP发虚假ARP包

瑞星卡卡安全论坛