A few clarifications, according to CSSA Support (Level 2 support): 1) You need to have Ethernet connectivity to the WAN interface to exploit this. T1, and many cable implementations will stop this. 2) The "default" or "normal" mode that most SonicWall devices are installed in is "NAT Mode" - SonicWall reported to me that the ARP requests are not sent backwards across a device in NAT mode, only standard mode (NAT not enabled). 3) ARP traffic is very small - to create a DoS on the network, you'd need to generate thousands of arps per second. SonicWall firmware version 6.6 (no ETA from support) will fix these issues. My thought: If you've got an attacker that close to your network, does he really need to use your SonicWall for mapping? Robert Auch First initial last name at totalnetsolutions.net 0 ASCII Ribbon campaign - against HTML Email ^ - against auto-execute attachments
