There are more and more road closures near ISP providers, which further infringe on the interests of users.
ISP providers usually use a monitoring software called "Network Guard" to block routes.
I found a way to crack it. You can try.
"Network Pioneer" uses various methods to check whether users use * * * to surf the Internet, thus restricting them. Let me crack it separately:
1. Check whether there are different MAC addresses in packets with the same IP address. If there are, judge that users like surfing the Internet. The solution is to change the MAC address of each computer to the same; There are many ways to modify it, as follows:
(1) Cheating
1. Modify the registry
Almost all network card drivers can be called by the NdisReadNetworkAddress parameter to read the MAC address specified by the user from the registry. When the driver determines that this MAC address is valid, it will program this MAC address into the hardware register, ignoring the inherent MAC address of the network card. We can achieve this goal by manually modifying the Windows registry.
Run the registry editor of Windows under Winodws 98, and expand HKEY _ local _ machine \ system \ current control set \ service \ class \ net, and you will see subitems similar to 0000, 000 1 and 0002. Click from the "0000" subkey, and look for the contents of the "DriverDesc" key under this subkey in turn until you find the registration information of the network card exactly the same as the target you are looking for.
After finding the correct network card, click the drop-down menu Edit/New/String, and the string name is Network Address. Double-click the name of the newly created "Network Address" string and enter a numerical value. Enter the new MAC address value you want to specify. The new MAC address should be 12 hexadecimal digits or letters without "-",such as "00000000000000" (note that the location of specific key values is slightly different in Windows 98 and Windows 2000/XP, which can be found through the search function).
Under "NetworkAddress", continue to add a string value named "ParamDesc", which will be used as the description of "NetworkAddress", and the value can be taken as "MAC Address". Then change its content to what you want to set. As shown in the figure. In this way, we successfully modified the MAC address of the network card and restarted the computer.
2. Modify the network card properties
Most network cards can change their MAC addresses by modifying the network card properties in the control panel. In Device Manager, right-click the icon of the network card whose MAC address needs to be modified, and then select Properties/Advanced tab. In the "Properties" area, you can see an item named "Network Address" or other similar names. Click it and enter the MAC address value you want to specify under Value on the right. To enter 12 hexadecimal digits or letters continuously, do not enter "-"in the middle. These settings will take effect after the system is restarted.
(2), the bottom salary.
If the user is using the network card of RealTek RTL8 139A/B/C/D series chips, there is an easier way to modify the MAC address. The software PG8 139 designed by RealTek can directly modify the MAC addresses of RTL8 139 series network cards, and even make the MAC addresses of network cards different after each startup. The specific operation is as follows:
Unzip pg8 139.zip into a folder, take 8 139C chip as an example, open 8 139c.cfg file in this directory with notepad, modify the first line of 8 139c.cfg file, and put "NodeID" (network card number).
After saving, enter MS-DOS mode (note that it should be pure DOS mode), enter "pg 8139/pci8139 c.cfg" at the DOS prompt, and then press enter. At this point, if the system prompts "EEPROM programming is successful", the change is successful. Every time the PG8 139 program runs successfully, the system will automatically add 1 to the "NodeID" value in the corresponding 8 139c.cfg file, which means that the MAC address assigned to the current workstation network card during the first run is "00E04C00002 1", and the second time. By analogy, the MAC address of the network card can be modified in batches, and it is no longer necessary to modify the 8 139c.cfg file repeatedly.
If the user's network card is a chip of other versions of RTL8 139, just find the corresponding one. The cfg file to be modified.
In addition, there is an extreme method to clone MAC address by burning EEPROM of network card. However, it is risky and complicated, and even experienced users will inevitably make mistakes in the operation. This operation is not recommended.
(3), skillfully borrow the east wind
If you are a Windows 2000/XP user, you can use the free MAC address modification software SMAC. After running SMAC, the list box in the window lists the working network cards on the computer. After selecting the network card to be modified, enter the new MAC address in the six input boxes at the bottom of the list box, and click "Update MAC" on the right to complete the modification of the MAC address.
There are many tools to modify MAC address, but most of them are only applicable to Windows 2000/XP. It is recommended to use "Super Rabbit Magic Settings" because it is not only simple and easy to use, but also effective in Windows 9x system.
After the modification is completed, the general method to make the settings take effect is to restart the system. There is also a simple way not to restart the system. In Device Manager, select the network card icon, right-click and select Disable (please note whether the status bar is displayed as Disabled after operation). Then right-click the selected network adapter and select Enable from the right-click menu. This will make the modified settings take effect.
Second, through SNMP (Simple Network Management Protocol), multiple computers are found to enjoy surfing the Internet.
Some routers and ADSL cats have built-in SNMP services, and users can check whether there is * * * function through corresponding tools. The following is the effect diagram provided by netizens to check the number of connected users of an ADSL modem through corresponding tools, in which the number of users enjoyed by * * * can be clearly seen.
If you want to know whether your router or big cat has opened SNMP service, you can use any scanning software (ipscan, superscan ...). If the 16 1 port is open, the built-in SNMP service is available. What's the solution? 6 1 port is prohibited.
Use the router or turn on the routing mode of ADSL Cat * * *. Friends who like surfing the Internet can enter the management interface, and if there is an option to turn off SNMP, they can turn it off. If the cat's management interface doesn't have the option to turn off SNMP, you have to buy a router without SNMP service, such as TP-LINK TL-R400, put it between adsl moden and hub, and then make a NAT service in the router, so that the address of the cat entering adsl is an address, thus solving the problem of * * * enjoying the Internet.
3. Monitor the number of concurrent ports. If the number of concurrent ports exceeds the set number, it is judged as * * * enjoyment.
This is a setting that makes people laugh and cry. Network Guardian will continuously scan the number of ports opened by users. If it exceeds the set value, it is judged as * * * enjoyment. Sometimes even pressing F5 several times is considered as * * * enjoyment, and even affects a single user's surfing the Internet. This can't be cracked (unless you hack cyber guards). The solution here is to pretend that innocent users call ISP's customer service phone and curse, stating that it may not work.
Fourthly, "Network Pioneer" also used an unknown method to detect the information shared by * * * from the computer shared by * * *. The current solution is that all clients shared by * * * should install firewalls, set the security level to the highest level, and cancel all the rules that allow others to access this computer in the IP configuration rules, allowing PING this computer to be unchecked to prevent ICMP and IGMP attacks. If it is WINXP, open the network firewall of the network card. After adopting the above cracking method, I can't see this machine in my own LAN, and after WINXP opens the network firewall of the network card, I can't transfer files in QQ, and the network speed is slow, but I can finally enjoy it again.
Network pioneer, where is sacredness?
In fact, NetSniper is not mysterious. It is a set of maintenance management system launched by a network system company in Shanghai several years ago.
Network protection is divided into three parts: network protection controller, network configuration manager and log manager.
Among them, the hardware device-network pioneer controller has developed into type I and type II. I is suitable for detecting and controlling private private lines; II is suitable for detecting and controlling * * * accessing the Internet and stealing MAC addresses.
The network configuration manager is used to configure and manage the related parameters of the network vanguard controller. The log manager is used to receive and process the log information sent by the network pioneer controller.
After installing standard rack network protection hardware on the line, network service providers and managers can make quite comprehensive settings.
Based on TCP/IP environment, Network vanguard can automatically detect unauthorized proxy servers or routers in the network, prevent others from stealing MAC addresses, and automatically intercept IP packets of these proxy servers and IP packets flowing to such routers.
In the end, users can be effectively prevented from evading fees or operating privately, and network service providers will have a manageable broadband network. It is based on this that network service providers all over the world began to use network pioneers one after another.
The monitoring principle has not been made public.
How do network elites favored by service providers monitor users? * * * How was the fun of surfing the Internet discovered? On the internet, the discussion about the network elite has begun.
Because it involves commercial interests, neither equipment suppliers nor network service providers disclose the working principle of network leaders. All the information that ordinary netizens can learn comes from the unofficial Internet.
ADSL*** generally likes to surf the Internet through routing NAT. After the routing conversion, the IP addresses of computers in the internal network accessing the external network are all changed to192.168.0.1,and the MAC addresses are also converted to the MAC addresses of ADSL modems. It is difficult to directly monitor NAT-converted packets at ADSL exit.
Network vanguard scans ADSL cats with tools such as superscan and finds the number of PCs with 16 1 port open. Because the port 16 1 is a service port of SNMP (Simple Network Management Protocol), when its number is greater than the number set by the network service provider, it is judged as * * * enjoyment.
Others think that the network pioneer has detected the information enjoyed by * * * from the computer in an unknown way, and will call the police when judging that * * * enjoys surfing the Internet. When an illegal user is found, NetSniper can issue a specific control package to make the illegal user "offline".
Network outbreak, offensive and defensive warfare
Although there are different opinions on its working principle, most netizens are against the network elite. Although the manufacturer claims that as a detection device, the network elite mainly receives data and does not send data, so the bandwidth occupation is almost zero. However, there are still many people scrambling to criticize the drawbacks of online elites on the Internet.
The first point:
The biggest sin is naturally to restrict the freedom of the Internet and prevent users from enjoying the Internet with others. If you connect with friends, relatives and neighbors for a long time and use ADSL lines, you will be found and warned by network service providers.
The second point:
It continuously scans the number of ports opened by users. If it exceeds the set value, it is judged as * * * enjoyment. Sometimes even pressing F5 several times is considered as * * * enjoyment, and even a single user's surfing the Internet is affected.
The third point:
Its non-stop scanning affects the network speed, resulting in frequent refreshing of browsing web pages; However, some web pages are more complicated. When calling several server files, it will be regarded as * * *, and some pages will not be displayed normally.