Hmm. Is this about the raw socket deal with Windows XP? Raw sockets have been available in the UNIX world for a while, so I guess that means UNIX vendors are no better? Regards, Dustin Larry Braud wrote: <em>> This will take some time to read, but it is very interesting about how MS <em>> software is leaving holes and doesn't care. A good true HACKER'S story. <em>> Another site to leave MS for Unix. <em>> Larry <em>> ---------------------------------- <em>> Steve Gibson is the man behind "Shield's UP" web site. <em>> ----- Original Message ----- <em>> From: "Steve Gibson's MailBot" <[EMAIL PROTECTED]> <em>> To: "Larry" <[EMAIL PROTECTED]> <em>> Sent: Monday, July 02, 2001 2:55 PM <em>> Subject: Steve Gibson's July/2001 News from GRC.COM ... <em>> <em>> <em>> <em>>>Hello Larry, <em>>> <em>>>_________________________________________________________________ <em>>> <em>>> The May 2001 Denial of Service Attacks Against GRC.COM <em>>>_________________________________________________________________ <em>>> <http://grc.com/dos/intro.htm> <em>>> <em>>> <em>>>During the first few weeks of May, GRC.COM was the target of <em>>>several distributed denial of service (DDoS) attacks launched <em>>>by a 13-year-old hacker using a tool he did not write. Using <em>>>this tool, "Wicked" commanded multiple sustained attacks from <em>>>474 security-compromised Windows-based PC's. <em>>> <em>>>The whole tale turned into a pretty good read, and is <em>>>something I imagine you may enjoy. You can read the entire <em>>>page online on our web site, or you can download the PDF <em>>>file for offline reading or printing. <em>>> <em>>>The page on our site: <http://grc.com/dos/grcdos.htm> <em>>> <em>>>The PDF file: <http://media.grc.com:8080/files/grcdos.pdf> <em>>> <em>>> <em>>> <em>>>Windows XP: <em>>> <em>>>The experience with Windows-based denial of service attacks <em>>>focused my attention on Microsoft's planned release of Windows XP <em>>>with its planned inclusion of "Full Raw Socket" support. Full raw <em>>>sockets are a powerful and dangerous Internet API that exists in <em>>>all Unix-based operating systems. But under Unix they are <em>>>deliberately protected by the rigorous requirement for "root" <em>>>privilege. (Similar to Microsoft's "Administrative" privilege.) <em>>>However Microsoft has done away with this distinction in the Home <em>>>Edition of Windows XP which threatens to populate the world with <em>>>a needlessly dangerous capability. <em>>> <em>>>Microsoft and I have been arguing about this quite a lot <em>>>recently. Last Thursday, this culminated in an eight-way <em>>>telephone conference: <em>>> <em>>>My page explaining the XP threat: <http://grc.com/dos/winxp.htm> <em>>> <em>>>About our phone conference: <http://grc.com/dos/xpconference.htm> <em>>> <em>>> <em>>> <em>>>The new GRC News server: <em>>> <em>>>The denial of service attacks adversely affected our Windows- <em>>>based newsgroup server forcing us to give up on it and switch to <em>>>a Unix-based solution. That machine has a different name and IP <em>>>address. If you were using the news server at "grc.com" and IP <em>>>address of [207.71.92.193] please change your news reader to <em>>>connect to "news.grc.com" at the IP address of [207.71.92.194]. <em>>> <em>>> <em>>> <em>>>Our new Media page: <em>>> <em>>>Since I last wrote, we finally got the video clips from my various <em>>>appearances on ZDTV and TechTV online. Those who are interested <em>>>may find a page describing their format and an index to them here: <em>>> <em>>> <http://grc.com/media.htm> <em>>> <em>>> <em>>> <em>>>A new ShieldsUP! coming soon: <em>>> <em>>>In preparation for the "Spoofarino" freeware (mentioned at the <em>>>bottom of the long DoS report page) we will be bringing the GRC <em>>>NanoProbe technology over to the main GRC server for the first <em>>>time. Our existing ShieldsUP! security evaluation system will <em>>>receive its first significant upgrade since its introduction. <em>>> <em>>>As soon as it's ready for your testing I'll let you know! <em>>> <em>>>_________________________________________________________________ <em>>> <em>>>Thank you for your time. I hope this has been useful to you. <em>>> <em>>>Steve Gibson. <a href= "http://grc.com/"; >GRC Website</a> <em>>> <em>>>________________________________________________________________ <em>>>You may change your eMail address or remove yourself from this <em>>>eMail system entirely, by visiting your personal page anytime: <em>>><a href= "http://grc.com/x/ne.dll?6glqv4ztp6"; >Update Info</a> <em>>> <em>> <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <em>> <em>> <em>> <p> -- Dustin Puryear <[EMAIL PROTECTED]> http://members.telocity.com/~dpuryear In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
<!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Terry Stockdale: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Previous message:</strong> Larry Braud: "[brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>In reply to:</strong> Larry Braud: "[brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Next in thread:</strong> Terry Stockdale: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Terry Stockdale: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> John Hebert: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:53 CDT</em> </em> </small> </body> </html>
