Once upon a time, Carrie Bartkowiak <[EMAIL PROTECTED]> said:
> And just wait until Microsoft puts out XP - if you're not up on that,
> go to www.grc.com and read about it - full socket support; we're
> doomed. (Thanks to David Lucas for showing me the GRC attack page and
> M$ articles.)
FYI: Steve Gibson is pretty much off his rocker on this one. For
example, spoofed packets would not have been useful in this attack,
because it is VERY difficult to do a complete TCP connection from a
spoofed IP (unless it is to an old IP stack that has weak sequence
numbers). Only connectionless protocols like ping (ICMP echo) and DNS
(UDP) are typically vulnerable to spoofed packets.
--
Chris Adams <[EMAIL PROTECTED]>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
