From owner-freebsd-security  Mon Apr 19 19:10: 7 1999
Delivered-To: freebsd-security@freebsd.org
Received: from bogomatic.fredbox.com (cable-4-17-237-24.anchorageak.net [24.237.17.4])
	by hub.freebsd.org (Postfix) with ESMTP id ADE601563D
	for <security@FreeBSD.ORG>; Mon, 19 Apr 1999 19:09:55 -0700 (PDT)
	(envelope-from fred@fredbox.com)
Received: from localhost (fred@localhost)
	by bogomatic.fredbox.com (8.8.8/8.8.8) with ESMTP id SAA13364;
	Mon, 19 Apr 1999 18:07:09 -0800 (AKDT)
	(envelope-from fred@fredbox.com)
Date: Mon, 19 Apr 1999 18:07:09 -0800 (AKDT)
From: "Frederick J Polsky v1.0" <fred@fredbox.com>
To: Rodrigo Campos <camposr@MATRIX.COM.BR>
Cc: Liam Slusser <liam@tiora.net>, security@FreeBSD.ORG
Subject: Re: poink attack (was Re: ARP problem in Windows9X/NT)
In-Reply-To: <Pine.BSF.4.05.9904191552130.9049-100000@speed.matrix.com.br>
Message-ID: <Pine.BSF.4.05.9904191804230.13349-100000@bogomatic.fredbox.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Unfortunately in my case (and the case of others), I'm served with cable
internet through GCI cable in Anchorage AK, which has its cable network
set up such that it is just one large ethernet with some 1000+ users and
no security whatsoever (most entertaining to connect a winbox to the
network and click on Network Neighborhood and see all defined
domains/workgroups...) I don't know about other cable internet providers
but this would at least be a problem with mine.

> I tested it against freebsd 2.2.8 stable, 3.0 stable and 3.1 stable, all
> they are vulnerable, it's not a big threat anyway, as you have to be on
> the same ethernet to use the exploit.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message