Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: windows arp dos

From: "Kristian Hermansen" <kristian.hermansen () gmail com>
Date: Thu, 26 Jul 2007 20:04:30 -0400
On 7/25/07, " Knud Erik H?jgaard " <kokanin () gmail com> wrote:

Tested on xp sp2 and vista., screenshot and .pl attached. There are
quite a few ways to improve this, for example rate limiting the packet
sending so as to not over-send, multiple targets and stuff like that.
However, that means more work and I am lazy.


Did you hook in to find what windows code is producing the majority of
this DoS?  Maybe some unnecessary loop added in Windows XP SP2?  It it
not surprising I guess.  But again, a dumb local attack, unless proxy
ARP is configured...
-- 
Kristian Hermansen

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: