Address Resolution Protocol (ARP) is a protocol used by hosts to map network address (IP address) into physical address (MAC address) when preparing the Ether frame for network transmission. Because of the protocol flaws, it is difficult to verify the sender of an arp packet. The hackers have begun developing the attack tools based on ARP spoofing. Some attacking tools are used to do network sniffing. Some tools are used to block the communication and thus results in a Denial of Service (DoS). What is worse, it is very easy to find and download these attacking tools from the Internet. Users with bad intention might use these tools to annoy the network admisistrator. In this thesis, we proposed a method to resist ARP attack and implementd it as a web-based system. The system can be used in a local area network. The system examines the ARP table, collects the map of IP and MAC and then creates the database. With the database, the system can check the sender address of an ARP packet. It will send a correct ARP packet to fix the problem when it finds a wrong ARP reply packet with wrong mapping of IP and MAC. As a result, the system can defend the hosts in the LAN so that the sniffing and the Denial of Service (DoS) attack won't harm the computer hosts in the LAN.