Tillmann Werner wrote:
Rea,
that trace is more than a bit strange and should be really alarming. One can
do lots of dirty things abusing ARP.
Has anyone seen such ARP packets? I am a bit curious, because we have no
strange hardware that will set the target hardware address in the who-has
ARP packet. Are there any attacks that using such packets?
It has been quite some time since I've seen it in action, but this
sounds very much like reverse arp (RARP), RFC-903, but without the
complete packet, I couldn't say for certain.
Jeff
