Subject: Re: Article
To: Mihai Chelaru <firstname.lastname@example.org>
From: Steven M. Bellovin <email@example.com>
Date: 01/09/2003 11:06:46
In message <firstname.lastname@example.org>, Mihai Chelaru writes:
>Anyone read this ?
>"The Linux, NetBSD and Microsoft Windows operating systems are known to
>have vulnerable link layer implementations, and it is extremely likely
>that other operating systems are also affected."
>Any official position regarding this ?
Speaking for myself, I think this is a non-issue. (It's also been
known for years.) It's only a vulnerability if the attacker is on the
same LAN; if that's the case, ARP-spoofing can yield all traffic, just
just a few bytes from random packets. (If it's an unswitched LAN, you
don't even need that.)
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)