Vulnerability Development mailing list archives

Re: ARP hole in Windows NT/2000

From: Chris Green <cmg () uab edu>
Date: Fri, 23 Nov 2001 06:53:47 -0600

Grzegorz Flak <Grzegorz.Flak () comarch pl> writes:

Hi,

I am not sure, if it is something new, but I think I found serious
vulnerability in ARP implementation in WindowsNT/2000 (I checked it on
NT4 SP6 and Win2000 SP1). The problem is when somebody whant to use
"man in the middle" technik to evesdrop your traffic. This example was
done with ettercap.


[...]

http://www.geocrawler.com/archives/3/90/1999/10/0/2811400/ seems to
suggest that this has been a problem with NT for a very long time.  I
couldn't any other informationin a quick glance


Any suggestions how to get rid off that.

Reagards


-- 
Chris Green <cmg () uab edu>
"Yeah, but you're taking the universe out of context."

Current thread:

ARP hole in Windows NT/2000 Grzegorz Flak (Nov 22)
- Re: ARP hole in Windows NT/2000 Tomas Nybrand IT (Nov 23)
  - Re: ARP hole in Windows NT/2000 Gigi Sullivan (Nov 24)
  - Re: ARP hole in Windows NT/2000 Keith Simonsen (Nov 24)
    - RE: ARP hole in Windows NT/2000 Grzegorz Flak (Nov 24)
    - RE: ARP hole in Windows NT/2000 Chris (Nov 24)
    - Re: ARP hole in Windows NT/2000 ALoR (Nov 25)
  - Re: ARP hole in Windows NT/2000 Nelson Brito (Nov 24)
- Re: ARP hole in Windows NT/2000 Chris Green (Nov 23)