Re: ARP hole in Windows NT/2000

From: ALoR (Alorat_private)
Date: Sun Nov 25 2001 - 14:19:13 PST

Next message: Bill Weiss: "Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer"

Previous message: Robert Jaroszuk: "Bug in fetchmail."
In reply to: Keith Simonsen: "Re: ARP hole in Windows NT/2000"
Next in thread: Nelson Brito: "Re: ARP hole in Windows NT/2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 07.39 24-11-2001, Keith Simonsen wrote:

>Awhile back, a friend and I tested many platforms against this bug, using
>both spoofed arp replies and spoofed gratuitious arp requests. Unfortunately
>I can't find our results, but I do remember that all versions of Windows
>we tested were vulnerable to changing static arp entries w/ spoofed arp
>replies.

this is due to the fact that under Window 2000 (XP not tested) the static 
option mean only that the arp entry is permanent (it doesn't timeout) and 
not (as It should be) that is unmodificable...

so Windows system are always poisonable... ;)

bye

    --==> ALoR <==---------------------- -  -   -

  ettercap project : http://ettercap.sourceforge.net
  e-mail: alor (at) users (dot) sourceforge (dot) net

Next message: Bill Weiss: "Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer"
Previous message: Robert Jaroszuk: "Bug in fetchmail."
In reply to: Keith Simonsen: "Re: ARP hole in Windows NT/2000"
Next in thread: Nelson Brito: "Re: ARP hole in Windows NT/2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Nov 25 2001 - 20:50:40 PST