Re: [Full-disclosure] windows arp dos
- From: "Kristian Hermansen" <kristian.hermansen@xxxxxxxxx>
- Date: Thu, 26 Jul 2007 20:04:30 -0400
On 7/25/07, " Knud Erik H?jgaard " <kokanin@xxxxxxxxx> wrote:
Tested on xp sp2 and vista., screenshot and .pl attached. There are
quite a few ways to improve this, for example rate limiting the packet
sending so as to not over-send, multiple targets and stuff like that.
However, that means more work and I am lazy.
Did you hook in to find what windows code is producing the majority of
this DoS? Maybe some unnecessary loop added in Windows XP SP2? It it
not surprising I guess. But again, a dumb local attack, unless proxy
ARP is configured...
--
Kristian Hermansen
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] Hash
- Next by Date: Re: [Full-disclosure] Hash
- Previous by thread: [Full-disclosure] windows arp dos
- Next by thread: [Full-disclosure] [USN-491-1] Bind vulnerability
- Index(es):
