lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <5e70f6530604010817p51a906a8ld1f1b72e4de10b13@mail.gmail.com>
Date: Sat Apr  1 17:17:25 2006
From: thegesus at gmail.com (TheGesus)
Subject: Strange interactions between tunnelling and SMB
	under the proprietary Microsoft Windows environment

On 3/30/06, Marc SCHAEFER <schaefer@...hanet.ch> wrote:

>
>    However, accessing \\192.168.1.2\c$ did go through the Ethernet
>    interface, and *not the tunnel*, and strangely half-using the private
>    addresses!
>

As soon as you put an IP from a disjoint network on an XP box, XP
starts multicasting the new route you have made available to it. 
Other XP boxes join the party.

Since they are on the same segment it makes no difference to the stack
which interface the data goes out.  It knows two routes and it'll use
any one it damn well pleases, thank you.

Unless you shut this multicasting off (registry mod - there is no user
interface), XP will rat you out to the rest of the network.  I learned
this the hard way after creating a (VERBOTEN!) ad hoc wireless network
between my laptop and desktop at work.  In minutes the network guys
were on the phone asking about the multicast traffic and what it was
doing (I feigned innocence & blamed it on Windows as I yanked the USB
wireless NIC off the desktop box... that seemed to satisfy them).  XP
was telling the world it knew a route to 169.254.x.x (which it really
shouldn't do, at least according to RFC 3927).

If you want to run a covert Openvpn network from work to home, learn
about this and KILL it because a knowledgable net admin will ferret
you out.  Luckily we don't have any of those where I work.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ