Vulnerability Development mailing list archives
RE: ARP hole in Windows NT/2000
From: Chris <chrisb () bcnstech net>
Date: Sun, 25 Nov 2001 16:18:57 +1100
On Sat, 24 Nov 2001 17:38:48 +0100, Grzegorz Flak wrote:
Does anybody has access to XP to check if it is also vulnerable?
WinXP doesnt appear to be vulnerable.. It honours static arp entries, but can still be fooled if there is no static entry. Regards -- Chris, chrisb () bcnstech net on 25/11/2001 C:\>ver Microsoft Windows XP [Version 5.1.2600] C:\>arp -s 192.168.1.20 00-00-e8-a5-8c-ae C:\>arp -a Interface: 192.168.1.10 --- 0x2 Internet Address Physical Address Type 192.168.1.1 00-80-48-e8-3e-a7 dynamic 192.168.1.20 00-00-e8-a5-8c-ae static Ran arpspoof.. C:\>arp -a Interface: 192.168.1.10 --- 0x2 Internet Address Physical Address Type 192.168.1.1 00-80-48-e8-3e-a7 dynamic 192.168.1.20 00-00-e8-a5-8c-ae static C:\>arp -d 192.168.1.20 C:\>arp -a Interface: 192.168.1.10 --- 0x2 Internet Address Physical Address Type 192.168.1.1 00-80-48-e8-3e-a7 dynamic 192.168.1.20 00-80-48-e8-3e-a7 dynamic
Current thread:
- ARP hole in Windows NT/2000 Grzegorz Flak (Nov 22)
- Re: ARP hole in Windows NT/2000 Tomas Nybrand IT (Nov 23)
- Re: ARP hole in Windows NT/2000 Gigi Sullivan (Nov 24)
- Re: ARP hole in Windows NT/2000 Keith Simonsen (Nov 24)
- RE: ARP hole in Windows NT/2000 Grzegorz Flak (Nov 24)
- RE: ARP hole in Windows NT/2000 Chris (Nov 24)
- Re: ARP hole in Windows NT/2000 ALoR (Nov 25)
- Re: ARP hole in Windows NT/2000 Nelson Brito (Nov 24)
- Re: ARP hole in Windows NT/2000 Chris Green (Nov 23)
- Re: ARP hole in Windows NT/2000 Tomas Nybrand IT (Nov 23)