Raw sockets itself is not a problem. For a given Unix system the majority of people who have the power to use raw sockets know how to do it properly.
Gibson's beef was that you now have millions of copies of Windows 2000 with raw sockets on by default and every single copy could be infected by malware/viruses that abuse raw sockets. He argued that there was no good reason to include them in Windows 2000 because no average windows user knew enough to use them properly or needed them. And it left a huge hole that could be exploited. Which it was by every worm and virus that rampaged the net in the last few years. Doesn't anyone actually listen to what people say before they spout off? On 1/20/06, Ben Ruset <[EMAIL PROTECTED]> wrote: > Everyone laughed because "raw sockets" is not a real problem. *nix > systems have had the ability to generate raw sockets for years. Things > like clustering and VRRP depend on the ability to generate packets that > appear to come from virtualized (or spoofed!) IP addresses. > > > Bill Cohane wrote: > > At 13:49 01/20/06, Ben Ruset wrote: > >> I'm still waiting for the internet to break like Steve Gibson said it > >> would when Windows 2000 was released. > > > > > > Gibson warned about the inclusion of "raw sockets" in Win2k. Everyone > > laughed. > > Since then, Microsoft has quietly eliminated the raw sockets with > > patches. To > > his credit, Gibson never made a big deal about their elimination. > > > > Regards, > > Bill > > > > > -- Brian
