ADVISOR .. Technology Know-How
Raw Sockets, Raw Deal
The Web is already dangerous, but Windows XP's raw sockets could take it down entirely.
Grc Sucks.com
Windows 2000 and XP Can Easily Be Made More Secure
This page is a mirror of what was available at http://grc.com/dos/SocketToMe.htm
Keep in mind when reading this page that the SocketToMe tool did not work properly; it did not prove anything. Steve Gibson did not care to test it out properly, which in this case means he failed to test if the raw sockets he created actually were able to SEND any data. In other words, if you don't have admin access you won't be able to use Raw sockets.
ComputerHeadline.com
Raw Sockets - Red Herring? Angus Stewart weighs up the arguments.
The arguments over 'full raw sockets' and their inclusion in Windows XP would, at first glance, appear to be so esoteric as to be completely obscured by men in grey anoraks. However, further investigation reveals a question of security which reaches right to the heart of the Internet.
Security Administrator
Microsoft Responds to Windows XP Security Issue
To protect XP users from intrusion, Microsoft says that XP's built-in Internet Connection Firewall (ICF), which the OS enables by default on all XP machines connected to the Internet, is the first line of defense. Indeed, I tested this defense with Steve Gibson's excellent "Shields Up" utility, and XP passed with flying colors (in fact, the program told me that it couldn't even detect a computer attached to my IP address). And Microsoft is investing heavily in various security measures for its other Internet products, such as Outlook Express and Outlook, which the company is upgrading with attachment-protection technologies.
ZDNet Tech Update
OPINION .. XP vulnerable to DoS attacks
Though the Internet is full of operating systems that support raw sockets, including all versions of Unix and Linux, Windows is the only operating system that makes them available to any user with any level of access. Unix and Linux require special rights to allow this feature to be accessed, so it's less of a problem (although this feature is regularly exploited with those operating systems, as well).
Microsoft TechNet
Hostile Code, not the Windows XP Socket Implementation, is the Real Security Threat
At the root of GRC's claims are a set of functions provided in the Windows XP networking services. These new functions – referred to collectively as a "raw sockets" implementation – will enable programs to manipulate the construction and content of TCP/IP data packets. GRC claims that these functions will increase the incidence of DDOS attacks, wherein a malicious user covertly installs "zombie" software on other people's computers and then directs the zombies to combine forces and flood a target network with data. GRC claims that because a zombie program running on Windows XP could use native operating system functions to disguise the originating point of the data, it will be the operating system of choice for DDOS attacks.