On Wednesday 08 August 2001 07:48, Tom Massey wrote:
> On Wed, 8 Aug 2001, [ISO-8859-1] Gr�goire Colbert wrote:
> > http://grc.com/dos/winxp.htm
> > PS : For those of you (any?) who would like to give XP a try, take a
> > close look at the site above. This is frightening.
>
> Mmm. And then look at <http://vmyths.com/rant.cfm?id335&page=4> for a
> bit of balance. Or have a read of the articles at
> <http://vmyths.com/resource.cfm?id=59&page=1> and think about how
> much you can trust Steve Gibson when it comes to security issues. (Read
> them anyway, they're pretty funny :-)
> Raw sockets in WinXP are simply not an issue.
>
> Way off topic, but I hate to see FUD spread.
Actually, some security experts are a little worried what a set of attack dogs with
teetn can do.
XP with raw sockets (in the personal edition) is totally unnecessary and nothing more
for Microsoft than a publicity ("Now with the full socket capabilities of unix").
But for script kiddies it means fresh troops, and this time, they're armed. Filtering
rules
with current routers can keep out DDoS attacks now, but with raw sockets,
even the DDoS attacks will be hard to filter, plus all sorts of extras ("bonk", "tear
drop") are now
available. It is a valid concern, perhaps a bit overblown, but definitely time
for ISPs to look into routers capable of stateful firewalling.
I agree that Steve Gibson is often a clown who overplays his role, but even a blind
hog stumbles across an acorn once in a while.
Civileme
