Security Incidents mailing list archives

Re: 169.254.x.x

From: peak () ARGO TROJA MFF CUNI CZ (Pavel Kankovsky)
Date: Fri, 31 Mar 2000 09:04:20 +0200


On Wed, 29 Mar 2000, Robert Graham wrote:

...For example, on a widely switched Ethernet backbone, it could
enable the user to at least e-mail MIS saying that their network
connection is flaky.


1. they would not send anything unless a SMTP server listens on
   169.254.0.0/16 locally and they can locate and use it, in a
   clueless-user-friendly way
2. if "their network connection is flaky", it is quite unlikely DHCP is
   the only thing that will fail
3. if they are able to send packets at all, whoever monitoring the network
   will already know something is wrong because repeated DHCP requests
   from a single host will be seen

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

Current thread:

Re: Syn and Fin in different packets together, (continued)
- - - Re: Syn and Fin in different packets together Simple Nomad (Mar 22)
    - Re: Syn and Fin in different packets together Granquist, Lamont (Mar 24)
    - Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity Jeffrey D. Carter (Mar 25)
    - Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service) probeactivity Bryan Andersen (Mar 28)
    - Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service) probeactivity Christoph Schneeberger (Mar 29)
    - Re: Dramatic increase in UDP Port 137 (NetBIOS Name Service)probeactivity Bill Pennington (Mar 29)
    - Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Pavel Kankovsky (Mar 29)
    - Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Joshua Krage (Mar 29)
    - Re: 169.254.x.x (Dramatic increase in UDP Port 137 (NetBIOS Name Service) probe activity) Greg A. Woods (Mar 29)
    - Re: 169.254.x.x Robert Graham (Mar 29)
    - Re: 169.254.x.x Pavel Kankovsky (Mar 30)
    - Cracked by the Brazilians Seth Milder (Mar 30)
    - Re: Cracked by the Brazilians Michael Damm (Mar 30)
    - Re: Cracked by the Brazilians Seth Milder (Mar 30)
    - Re: Cracked by the Brazilians Robert Graham (Mar 30)
    - Re: Cracked by the Brazilians Seth Milder (Mar 30)
    - Re: Cracked by the Brazilians Michael H. Warfield (Mar 30)
    - Re: Cracked by the Brazilians Omachonu Ogali (Mar 30)
    - Re: Cracked by the Brazilians Blaise St-Laurent (Mar 30)
    - Re: Cracked by the Brazilians Ralf Spenneberg (Mar 30)
    - Re: Cracked by the Brazilians Seth Milder (Mar 30)

(Thread continues...)