RE: Privacy leak while surfing
From: Golden_Eternity (bhodi_jabir@yahoo.com)Date: 04/25/02
- Previous message: KF: "Re: ecartis / listar PoC"
- In reply to: Kai Kretschmann: "Privacy leak while surfing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Golden_Eternity" <bhodi_jabir@yahoo.com> To: "Kai Kretschmann" <K.Kretschmann@security-gui.de>, <vuln-dev@securityfocus.com> Date: Thu, 25 Apr 2002 08:43:55 -0700
> I noticed a lot of netbios name service broadcast from different windows
> workstations for name resolution requests of various webserver names. It
> seems that the IE tries to resolve normal internet domain names
> using local netbios ways in addition to the configured DNS.
That's the standard search order for Windows; it checks lmhosts, WINS, hosts
and DNS (not necessarilly in that order, its been a while since my MS TCP/IP
class).
> Now I can all see surfed domain names with the requesting client
> IP without spoofing anything, simply watch the broadcasts coming along.
You could just as easilly get that information from watching DNS traffic.
Also, web requests include the domain name (otherwise virtual hosts wouldn't
work) so you can just monitor HTTP and get everything you want.
If you are on the local network (or along the path of travel) anything that
isn't encrypted is fair game.
-G_E
- Previous message: KF: "Re: ecartis / listar PoC"
- In reply to: Kai Kretschmann: "Privacy leak while surfing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
