Re: ARP problem in Windows9X/NT

From: gandalfat_private
Date: Mon Apr 12 1999 - 11:22:29 PDT


    On Mon, 12 Apr 1999, Joel Jacobson wrote:
    
    > Hello all bugtraqers!
    >
    > I've found a problem in Windows9X/NT's way of handling ARP packets.
    >
    > If you flood a computer at your LAN with the packet below, its user
    > will be forced to click a messagebox's OK button x times, where x is the number
    > of packets you flooded with.
    [snip]
    >And in HEX the packet looks like this:
    >ff ff ff ff ff ff 00 00 00 00 00 00 08 06 08 00 06 04 00 01 00 00 00
    >00 00 00 XX XX XX XX 00 00 00 00 00 00 XX XX XX XX
    >(XX is what matters here)
    
    Perhaps I am doing it wrong, but sending out arp requests like this only
    generates a single messagebox.  If you send one or a million requests in
    the time it takes to click ok, no new messageboxes will appear.
    
    This is on NT4 sp4.
    
    The packet I am sending out seems a tad different from the one listed;
    the hex dump above seems to be missing the hardware address type.
    Anyways, what I sent was:
    
    ff ff ff ff ff ff 00 00 00 00 00 00
    08 06 00 01 08 00 06 04 00 01
    00 00 00 00 00 00 XX XX XX XX
    00 00 00 00 00 00 XX XX XX XX
    
    -chris
    
    _______________________________________________________
    Christopher Rogers      Stevens Institute of Technology
    gandalfat_private       http://www.pobox.com/~gandalf
    
    Life would be much easier if we could just look at the source code
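
The difference between the two dumps in this message, decoded field by field. This is an added example, not part of the original post; the function names are hypothetical, and 192.0.2.10 is a constructed address substituted for every XX XX XX XX (using the same value in both positions is an assumption).

```python
import struct

ETH = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType
ARP = struct.Struct("!HHBBH6s4s6s4s")  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ZERO_MAC = bytes(6)
SAMPLE_IP = bytes([192, 0, 2, 10])     # constructed value, documentation range

# The two dumps as posted in the thread; XX XX XX XX is left untouched here.
QUOTED = """ff ff ff ff ff ff 00 00 00 00 00 00 08 06 08 00 06 04 00 01 00 00 00
00 00 00 XX XX XX XX 00 00 00 00 00 00 XX XX XX XX"""
REPLY = """ff ff ff ff ff ff 00 00 00 00 00 00
08 06 00 01 08 00 06 04 00 01
00 00 00 00 00 00 XX XX XX XX
00 00 00 00 00 00 XX XX XX XX"""

def to_frame(dump, ip=SAMPLE_IP):
    """Turn a posted dump into bytes, filling each XX XX XX XX with one constructed IP."""
    return bytes.fromhex(dump.replace("XX XX XX XX", ip.hex(" ")))

def inspect_arp(frame):
    """Return a list of findings for one Ethernet frame that claims to carry ARP."""
    if len(frame) < ETH.size:
        return ["too short for an Ethernet header"]
    _dst, src, ethertype = ETH.unpack_from(frame)
    if ethertype != 0x0806:
        return ["EtherType is not ARP"]
    body = frame[ETH.size:]
    if len(body) < ARP.size:
        # Too short to decode fully; show what sits where the hardware type belongs.
        findings = [f"ARP body is {len(body)} bytes, expected {ARP.size}"]
        if len(body) >= 2:
            first, = struct.unpack_from("!H", body)
            if first != 1:
                findings.append(f"first field is 0x{first:04x}, not hardware type 1")
        return findings
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = ARP.unpack_from(body)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return ["not an Ethernet/IPv4 ARP header"]
    findings = []
    if oper == 1 and spa == tpa:
        findings.append("request with sender IP equal to target IP")
    if src == ZERO_MAC or sha == ZERO_MAC:
        findings.append("all-zero source hardware address")
    return findings

if __name__ == "__main__":
    for name, dump in (("quoted", QUOTED), ("reply", REPLY)):
        frame = to_frame(dump)
        print(name, len(frame), inspect_arp(frame))
```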
    


