From owner-freebsd-net Thu Dec 30 3: 3:10 1999 Delivered-To: freebsd-net@freebsd.org Received: from tango.SoftHome.net (tango.SoftHome.net [204.144.231.49]) by hub.freebsd.org (Postfix) with SMTP id D7B781523A for ; Thu, 30 Dec 1999 03:03:07 -0800 (PST) (envelope-from fgont@softhome.net) Received: (qmail 24317 invoked by uid 417); 30 Dec 1999 11:03:06 -0000 Received: from unknown (HELO over) (200.51.58.193) by smtpb.softhome.net with SMTP; 30 Dec 1999 11:03:06 -0000 Message-Id: <.19991229214306.00b874c0@pop.softhome.net> X-Sender: fgont@pop.softhome.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Wed, 29 Dec 1999 21:50:58 -0300 To: freebsd-net@FreeBSD.ORG From: Fernando Ariel Gont Subject: ARP makes a LAN "vulnerable"? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi! I read that ARP is used to "translate" an IP address to the hardware address of the host (that means, given an IP number of a host, ARP can give me the hardware address of that host). I've also read that you can configure your machine to reply the ARP requests for a given IP number. If so, I could configure my host (in a LAN) to reply to all the ARP requests with the hardware address of MY HOST, instead of the hardware address of the real host. If that is possible, all the LAN information could pass through my machine, and THEN to the real receiver. I think someone could use this "procedure" to steal information. Am I wrong? Regards, Fernando Ariel Gont E-mail: fgont@softhome.net web site: http://members.xoom.com/gont/ --- "Con las computadoras crearemos una civilizacion de estupidos tecnologicos, y una elite se ira quedando con todo. Cuando digo elite me refiero a gente como yo, que puede leer." - Ray Bradbury, escritor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message