[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

arp packet payload



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi list,

don't know wheater it's mentioned anywhere or old news but here we go:

captured following arp packet last night:

00:44:36.309866 arp who-has 192.168.5.254 tell 192.168.5.164
0x0000   0001 0800 0604 0001 00c0 9f20 d3cd c0a8        ................
0x0010   05a4 0000 0000 0000 c0a8 05fe 4d2d 5345        ............M-SE
0x0020   4152 4348 202a 2048 5454 502f 312e             ARCH.*.HTTP/1.

nice packet, but what makes me curious is the payload. where is it taken from? 
are there also passwords and other "secret" things, which may be 
unintentionally sent out to the. 
i think the source is a windows xp box.

cheers
sebastian

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (OpenBSD)

iD8DBQE/ohE3Yk9OrbAUXswRAuyIAJsHy5/DQwoAKqEX+56w/H2jJQYoXgCfST1e
L5J+3WzSJZT+U1xjvGVZSMY=
=xiGy
-----END PGP SIGNATURE-----