-----Original Message-----
From: pablito <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Monday, July 02, 2001 11:15 AM
Subject: hacker-friendly Windows XP!


>Forwarding this message of interest in which a Windows programmer had to
>switch to a Unix-based news server because of insufficient security in
>Windows....
>
>_________________________________________________________________
>
>     The May 2001 Denial of Service Attacks Against GRC.COM
>_________________________________________________________________
>               <http://grc.com/dos/intro.htm>
>
>
>During the first few weeks of May, GRC.COM was the target of
>several distributed denial of service (DDoS) attacks launched
>by a 13-year-old hacker using a tool he did not write. Using
>this tool, "Wicked" commanded multiple sustained attacks from
>474 security-compromised Windows-based PCs.
>
>The whole tale turned into a pretty good read, and is
>something I imagine you may enjoy. You can read the entire
>page online on our web site, or you can download the PDF
>file for offline reading or printing.
>
>The page on our site:   <http://grc.com/dos/grcdos.htm>
>
>The PDF file:   <http://media.grc.com/files/grcdos.pdf>
>
>
>
>Windows XP:
>
>The experience with Windows-based denial of service attacks
>focused my attention on Microsoft's planned release of Windows XP
>with its planned inclusion of "Full Raw Socket" support. Full raw
>sockets are a powerful and dangerous Internet API that exists in
>all Unix-based operating systems. But under Unix they are
>deliberately protected by the rigorous requirement for "root"
>privilege. (Similar to Microsoft's "Administrative" privilege.)
>However Microsoft has done away with this distinction in the Home
>Edition of Windows XP which threatens to populate the world with
>a needlessly dangerous capability.
>
>Microsoft and I have been arguing about this quite a lot
>recently. Last Thursday, this culminated in an eight-way
>telephone conference:
>
>My page explaining the XP threat: <http://grc.com/dos/winxp.htm>
>
>About our phone conference: <http://grc.com/dos/xpconference.htm>
>
>
>
>The new GRC News server:
>
>The denial of service attacks adversely affected our Windows-
>based newsgroup server forcing us to give up on it and switch to
>a Unix-based solution. That machine has a different name and IP
>address. If you were using the news server at "grc.com" and IP
>address of [207.71.92.193] please change your news reader to
>connect to "news.grc.com" at the IP address of [207.71.82.194].
>
>
>
>Our new Media page:
>
>Since I last wrote, we finally got the video clips from my various
>appearances on ZDTV and TechTV online.  Those who are interested
>may find a page describing their format and an index to them here:
>
>                  <http://grc.com/dos/media.htm>
>
>
>
>A new ShieldsUP! coming soon:
>
>In preparation for the "Spoofarino" freeware (mentioned at the
>bottom of the long DoS report page) we will be bringing the GRC
>NanoProbe technology over to the main GRC server for the first
>time. Our existing ShieldsUP! security evaluation system will
>receive its first significant upgrade since its introduction.
>
>As soon as it's ready for your testing I'll let you know!
>
>_________________________________________________________________
>
>Thank you for your time. I hope this has been useful to you.
>
>Steve Gibson.         GRC Website: <http://grc.com/>
>
>

