This will take some time to read, but it is very interesting about how MS software is leaving holes and doesn't care. A good true HACKER'S story. Another site to leave MS for Unix. Larry ---------------------------------- Steve Gibson is the man behind "Shield's UP" web site. ----- Original Message ----- From: "Steve Gibson's MailBot" <[EMAIL PROTECTED]> To: "Larry" <[EMAIL PROTECTED]> Sent: Monday, July 02, 2001 2:55 PM Subject: Steve Gibson's July/2001 News from GRC.COM ... <p><em>> Hello Larry, <em>> <em>> _________________________________________________________________ <em>> <em>> The May 2001 Denial of Service Attacks Against GRC.COM <em>> _________________________________________________________________ <em>> <http://grc.com/dos/intro.htm> <em>> <em>> <em>> During the first few weeks of May, GRC.COM was the target of <em>> several distributed denial of service (DDoS) attacks launched <em>> by a 13-year-old hacker using a tool he did not write. Using <em>> this tool, "Wicked" commanded multiple sustained attacks from <em>> 474 security-compromised Windows-based PC's. <em>> <em>> The whole tale turned into a pretty good read, and is <em>> something I imagine you may enjoy. You can read the entire <em>> page online on our web site, or you can download the PDF <em>> file for offline reading or printing. <em>> <em>> The page on our site: <http://grc.com/dos/grcdos.htm> <em>> <em>> The PDF file: <http://media.grc.com:8080/files/grcdos.pdf> <em>> <em>> <em>> <em>> Windows XP: <em>> <em>> The experience with Windows-based denial of service attacks <em>> focused my attention on Microsoft's planned release of Windows XP <em>> with its planned inclusion of "Full Raw Socket" support. Full raw <em>> sockets are a powerful and dangerous Internet API that exists in <em>> all Unix-based operating systems. But under Unix they are <em>> deliberately protected by the rigorous requirement for "root" <em>> privilege. (Similar to Microsoft's "Administrative" privilege.) <em>> However Microsoft has done away with this distinction in the Home <em>> Edition of Windows XP which threatens to populate the world with <em>> a needlessly dangerous capability. <em>> <em>> Microsoft and I have been arguing about this quite a lot <em>> recently. Last Thursday, this culminated in an eight-way <em>> telephone conference: <em>> <em>> My page explaining the XP threat: <http://grc.com/dos/winxp.htm> <em>> <em>> About our phone conference: <http://grc.com/dos/xpconference.htm> <em>> <em>> <em>> <em>> The new GRC News server: <em>> <em>> The denial of service attacks adversely affected our Windows- <em>> based newsgroup server forcing us to give up on it and switch to <em>> a Unix-based solution. That machine has a different name and IP <em>> address. If you were using the news server at "grc.com" and IP <em>> address of [207.71.92.193] please change your news reader to <em>> connect to "news.grc.com" at the IP address of [207.71.92.194]. <em>> <em>> <em>> <em>> Our new Media page: <em>> <em>> Since I last wrote, we finally got the video clips from my various <em>> appearances on ZDTV and TechTV online. Those who are interested <em>> may find a page describing their format and an index to them here: <em>> <em>> <http://grc.com/media.htm> <em>> <em>> <em>> <em>> A new ShieldsUP! coming soon: <em>> <em>> In preparation for the "Spoofarino" freeware (mentioned at the <em>> bottom of the long DoS report page) we will be bringing the GRC <em>> NanoProbe technology over to the main GRC server for the first <em>> time. Our existing ShieldsUP! security evaluation system will <em>> receive its first significant upgrade since its introduction. <em>> <em>> As soon as it's ready for your testing I'll let you know! <em>> <em>> _________________________________________________________________ <em>> <em>> Thank you for your time. I hope this has been useful to you. <em>> <em>> Steve Gibson. <a href= "http://grc.com/"; >GRC Website</a> <em>> <em>> ________________________________________________________________ <em>> You may change your eMail address or remove yourself from this <em>> eMail system entirely, by visiting your personal page anytime: <em>> <a href= "http://grc.com/x/ne.dll?6glqv4ztp6"; >Update Info</a> <em>> ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Previous message:</strong> Dustin Puryear: "Re: [brluglist] RPM command.." <li><strong>Next in thread:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Vic Landry: "RE: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade>
<small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:53 CDT</em> </em> </small> </body> </html>
