Which one does everyone think works better? Today I checked for an ARP virus at home using Wireshark, and the capture showed the following:
protocol info
ARP DNS address tell IP address 1
ARP DNS address tell IP address 2
ARP DNS address tell IP address 1
ARP DNS address tell IP address 3
ARP DNS address tell IP address 6
My personal feeling is that, judging from the info column, there is no ARP virus on the LAN. If the capture instead looks like this:
15:01:53.597121 arp who-has 192.168.0.1 tell 192.168.0.2
15:01:53.597125 arp who-has 192.168.0.1 tell 192.168.0.2
15:01:53.617436 arp who-has 192.168.0.2 tell 192.168.0.2
15:01:53.617440 arp who-has 192.168.0.2 tell 192.168.0.2
15:01:53.637942 arp who-has 192.168.0.3 tell 192.168.0.2
15:01:53.637946 arp who-has 192.168.0.3 tell 192.168.0.2
15:01:53.658452 arp who-has 192.168.0.4 tell 192.168.0.2
15:01:53.658456 arp who-has 192.168.0.4 tell 192.168.0.2
15:01:53.678963 arp who-has 192.168.0.5 tell 192.168.0.2
15:01:53.678967 arp who-has 192.168.0.5 tell 192.168.0.2
15:01:53.699464 arp who-has 192.168.0.6 tell 192.168.0.2
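it means an ARP virus is in use, and 192.168.0.2 has become the fake gateway!
The above is just my personal opinion; I hope everyone will share their own views!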