In message <x73dta5z6o.fsf@dailyplanet.wsrcc.com>Wolfgang Rupprecht writes
>
>mcr@sandelman.ottawa.on.ca (Michael Richardson) writes:
>>   The technique is to send an ICMP ping addressed to the node at the IP
>> layer, but not addressed to the node at the ethernet layer.
>
>I'm not sure that the information that these probes provide is at all
>damaging from a security standpoint.  The probe just shows if the MAC
>filters are pre-filtering ethernet traffic or not.

Yah, since dhclient puts the interface into promiscuous mode, I suspect
that lots of NetBSD systems are in promiscuous mode, so it wouldn't be
so interesting to find 'em...

Kevin
kml@logictier.com