published: January 23rd, 2008
How easy is for attackers to compromise the LAN? Answer: Very easy! With a few simple tricks, attackers can easily poison the local name resolution system for the machines inside a given LAN. Network Devices and Apple products are most vulnerable among others of course.
It is all due to mDNS. From Wikipedia’s article:
The problem with mDNS is that it is spoof-able. Here is how it works. A mDNS enabled client will perform a mDNS query on a multicast address. [...]