Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: windows arp dos
From: "Kristian Hermansen" <kristian.hermansen () gmail com>
Date: Thu, 26 Jul 2007 20:04:30 -0400

On 7/25/07, " Knud Erik H?jgaard " <kokanin () gmail com> wrote:
Tested on xp sp2 and vista., screenshot and .pl attached. There are
quite a few ways to improve this, for example rate limiting the packet
sending so as to not over-send, multiple targets and stuff like that.
However, that means more work and I am lazy.

Did you hook in to find what windows code is producing the majority of
this DoS?  Maybe some unnecessary loop added in Windows XP SP2?  It it
not surprising I guess.  But again, a dumb local attack, unless proxy
ARP is configured...
Kristian Hermansen

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • windows arp dos Knud Erik Højgaard (Jul 25)
    • <Possible follow-ups>
    • Re: windows arp dos Kristian Hermansen (Jul 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]