Bugtraq mailing list archives
Re: ARP problem in Windows9X/NT
From: gandalf () POBOX COM (gandalf () POBOX COM)
Date: Thu, 15 Apr 1999 09:24:37 -0400
On Wed, 14 Apr 1999, Joseph Gooch wrote:
Same behavior here, however NT LOGS all packets to the event log. I'm not sure of NT's logging behavior, it could either fill the drive or if it has a max size it could erase old events. Possibly cover up other vulnerabilities that were tested. Since the MAC address isn't a real one, it's alot harder to trace.
The NT system logger has a size limit, on my system (and therefore I assume the default since I don't think I ever touched it) it is 512kb. It also will by default (this is configurable) not write over any entries less than 7 days old, which means when you fill all 512Kb it gives you a warning that the log is full, and _stops logging_. of course all of these attacks only work on the local subnet, which makes them a lot less worrisome then a more remote attack.
9x is boring, just a lame message box.
what versions? It definetly does work on some versions of 95 (like 4.00.950 B) If people want to test and send me the exact version and the results on the version I'll collate and post a summary. -chris _______________________________________________________ Christopher Rogers Stevens Institute of Technology gandalf () pobox com http://www.pobox.com/~gandalf I can prove anything with research except the truth. -Unknown
Current thread:
- Re: ARP problem in Windows9X/NT, (continued)
- Re: ARP problem in Windows9X/NT gandalf () POBOX COM (Apr 12)
- Re: ARP problem in Windows9X/NT kay (Apr 13)
- Re: ARP problem in Windows9X/NT kay (Apr 13)
- Serious security holes in web anonimyzing services Patrick Oonk (Apr 13)
- Re: Serious security holes in web anonimyzing services Jeremey Barrett (Apr 13)
- Re: ARP problem in Windows9X/NT route () RESENTMENT INFONEXUS COM (Apr 13)
- Re: ARP problem in Windows9X/NT gandalf () POBOX COM (Apr 13)
- Re: ARP problem in Windows9X/NT route () RESENTMENT INFONEXUS COM (Apr 13)
- Re: ARP problem in Windows9X/NT Alan DeKok (Apr 13)
- Re: ARP problem in Windows9X/NT Joseph Gooch (Apr 14)
- Re: ARP problem in Windows9X/NT gandalf () POBOX COM (Apr 15)
- Possible WU-ftpd Worm ? Stu Alchor (Apr 13)
- Re: Possible WU-ftpd Worm ? Gregory A Lundberg (Apr 14)
- Re: Possible WU-ftpd Worm ? Gregory Newby (Apr 14)
- Re: Possible WU-ftpd Worm ? M.Brands (Apr 14)
- Real Media Server stores passwords in plain text Francisco M. Marzoa Alonso (Apr 14)
- Announce: Secure UNIX Programming FAQ Thamer Al-Herbish (Apr 13)
- Bugs in anonymity services Avi Rubin (Apr 13)