Date: Wed, 24 Jan 2001 00:33:05 -0500 From: "C. Stephen Gunn" <csg@waterspout.com> To: Renaud Waldura <renaud@waldura.com> Cc: Patrick Bihan-Faou <patrick@netzuno.com>, freebsd-net@FreeBSD.ORG Subject: Re: How to send arp request with no other traffic Message-ID: <20010124003305.B231@waterspout.com> In-Reply-To: <006901c085ae$fae9bd80$0402010a@biohz.net>; from renaud@waldura.com on Tue, Jan 23, 2001 at 06:40:14PM -0800 References: <HJEEKLMFLKEOKHOKNPBMKEDBCJAA.patrick@netzuno.com> <006901c085ae$fae9bd80$0402010a@biohz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 23, 2001 at 06:40:14PM -0800, Renaud Waldura wrote: > An amusing trick to populate the ARP table is to ping the broadcast address. > Even if hosts do not reply to your ping packet (typically, Windows > machines), they are entered in the ARP table. > > You still have to send a single packet, but it does all the work. You can't really assume this will work. FreeBSD has a sysctl to disable responses to broadcast/multicast ICMP-echo requests. Exploitation of this "feature" is the basis for several denial of service attacks. Spoof the origin address to an layer-3 broadcast address and voila, amplified responses. :-( - Steve -- C. Stephen Gunn <csg@waterspout.com> | Waterspout Communications, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010124003305.B231>