Results 1 to 4 of 4

Thread: XP Security Issues

  1. #1

    Exclamation XP Security Issues

    I just read the post for a new reason XP shouldn't be released.
    http://www.antionline.com/showthread...hreadid=119817

    It states the problem as being the fact that data deleted is completely destroyed.
    Last I checked, Norton Utilities has a feature that will erase data to government standards - and I'm sure there are many more programs that do the same.

    One of the worst things (in my opinion - that I can tell) is the raw sockets that XP allows access to.
    http://grc.com/dos/sockettome.htm

    Its not a bad thing if the people who use XP close these sockets off, but if they do not, DDoS attacks will get tremendously worse.
    Right now, most DDoS use 98 because the majority of users are using 98 and have very lax security on their boxes.


    quote:
    --------------------------------------------------------------------------------
    It is impossible for an application running under
    any version of Windows 3.x/95/98/ME or NT
    to "spoof" its source IP or generate malicious
    TCP packets such as SYN or ACK floods.
    --------------------------------------------------------------------------------
    http://grc.com/dos/grcdos.htm

    So what happens when the majority of these users migrate over to XP? Same amount of DDoS zombies, just much more powerful and a great deal harder to track.

    What do you think? Am I just paranoid or do any of you find this to be a real threat? At least in the server security business it seems like a big threat to me. Are their any other security issues you think are important? List them all because anyone who deals in security will be faced with these problems, and I would much rather discover them in a message board now, then on my server next year.

  2. #2
    Junior Member
    Join Date
    Sep 2001
    Posts
    28
    Linux does the same thing, XP will just make it easier for the script kids to accomplish the same task.

    -Manbik

  3. #3
    Senior Member
    Join Date
    Aug 2001
    Posts
    170

    Arrow

    It is a threat. Nobody knows to what extent a threat it is, though...and we probably won't even by this time next year. It wasn't enough of a threat to stop MS from releasing it and so there isn't much that can be done. It sounds sad, but it is true. As long as you keep yourself, your servers, etc. patched and then ride out the occasional DoSes that is really all you can do unfortunately.
    \"If you torture the data enough, it will confess.\" --Ronald Coase

  4. #4
    I knew Linux does the same, the only difference is the wide spread deployment of the Windows system to people who do not understand what's going on. Most of the people (that I know at least) that run Linux know the basics of how to protect their computers from, at least, Trojans.
    I guess any form of security comes down to education..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •