At 07.39 24-11-2001, Keith Simonsen wrote: >Awhile back, a friend and I tested many platforms against this bug, using >both spoofed arp replies and spoofed gratuitious arp requests. Unfortunately >I can't find our results, but I do remember that all versions of Windows >we tested were vulnerable to changing static arp entries w/ spoofed arp >replies. this is due to the fact that under Window 2000 (XP not tested) the static option mean only that the arp entry is permanent (it doesn't timeout) and not (as It should be) that is unmodificable... so Windows system are always poisonable... ;) bye --==> ALoR <==---------------------- - - - ettercap project : http://ettercap.sourceforge.net e-mail: alor (at) users (dot) sourceforge (dot) net
This archive was generated by hypermail 2b30 : Sun Nov 25 2001 - 20:50:40 PST