Subject: Re: Article
To: Mihai Chelaru <>
From: Steven M. Bellovin <>
List: current-users
Date: 01/09/2003 11:06:46
In message <>, Mihai Chelaru writes:
>Anyone read this ? 
>"The Linux, NetBSD and Microsoft Windows operating systems are known to 
>have vulnerable link layer implementations, and it is extremely likely 
>that other operating systems are also affected." 
>Any official position regarding this ?

Speaking for myself, I think this is a non-issue.  (It's also been 
known for years.)  It's only a vulnerability if the attacker is on the 
same LAN; if that's the case, ARP-spoofing can yield all traffic, just 
just a few bytes from random packets.  (If it's an unswitched LAN, you 
don't even need that.)

		--Steve Bellovin, (me) (2nd edition of "Firewalls" book)