August 13th, 2004, 07:29 AM
Not really, his point is invalid simply because raw socket access can be easily provided by third party libraries, which were in fact used by trojans predating the GRC DDoS thing.
Originally posted here by S1lv3rW3bSurf3r
Does this mean that he actually had a point to his raving?! I remember reading some years ago about wicked attacking his site. I know he used that, the attack, to hype the use of raw sockets that at the time were going to be used in XP.
Not at all, what he was saying had the POTENTIAL of being a severe problem. The fact is, very few DDoS trojan developers have put it into use.
I cannot however, still get over the issue that i feel that he is somewhat of a doomsday prophet?! I do believe that in this time no real dDoS has been done using windows (especially Home version) with raw socket support, in fact if memory serves in NT there was a registry setting for swicthing on limited Raw Socket support....... Or at least exploited to the extent that he had hyped it.
Oracle is not an operating system, it is a company that develops software (primarily database servers) which runs on many different architectures and operating systems.
Did they not include it perhaps, because they are using the BSD IP Stack wholesale?! Perhaps someone more knowledgable, Like Pooh, will be able to help?! Raw sockets, perhaps for coders and the like would open up windows and make it more flexible so one could code applications with raw socket support built in?! I believe that once Winsock API became DCOM, they needed i believe to say that they also had they ability to do what some other OSes, Like Oracle could already do .......... If incorrect, please feel free to rectify this misnoma ......
There was nothing preventing developers from using raw sockets before. It is not a matter of OS flexibility, it basically involves using a third party library to do the job instead of windows. The actual implementation is much the same in both cases.
Their reasoning for taking it out of XP SP2 was based somehow on improving security.
If I remember correctly, part of their reasoning behind implementing it was indeed to bring Windows' native networking capabilities up to that of Unixes and such, which ALL have raw socket access for privileged users.
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
August 13th, 2004, 07:44 AM
Thank you for your response ... it is duly noted ....
I appreciate the manner in which enrichment is imparted ......
HO$H Pagamisa. Pro Amour Ludi....
August 31st, 2004, 02:34 PM
Note that only TCP sends via raw sockets are disabled in SP2. Raw sockets can still be used to access ICMP packets since ICMP is built on UDP.
- Every current MSDN document on developing with ICMP says the preferred method of accessing ICMP packets is via the raw sockets implementation.