Privacy leak while surfing
From: Kai Kretschmann (K.Kretschmann@security-gui.de)Date: 04/25/02
- Previous message: 3APA3A: "Re: Microsoft Baseline Security Analyzer exploit (Exposed vulnerabilities' list)"
- Next in thread: Golden_Eternity: "RE: Privacy leak while surfing"
- Reply: Golden_Eternity: "RE: Privacy leak while surfing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 25 Apr 2002 11:27:39 +0200 To: vuln-dev@securityfocus.com From: Kai Kretschmann <K.Kretschmann@security-gui.de>
Hi,
A small privacy leak seams to occur while surfing with IE in a local LAN.
I noticed a lot of netbios name service broadcast from different windows
workstations for name resolution requests of various webserver names. It
seems that the IE tries to resolve normal internet domain names using local
netbios ways in addition to the configured DNS.
Now I can all see surfed domain names with the requesting client IP without
spoofing anything, simply watch the broadcasts coming along.
-- Think-Safety www.security-gui.de
- Previous message: 3APA3A: "Re: Microsoft Baseline Security Analyzer exploit (Exposed vulnerabilities' list)"
- Next in thread: Golden_Eternity: "RE: Privacy leak while surfing"
- Reply: Golden_Eternity: "RE: Privacy leak while surfing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
