[Dshield] Spoofing Source Address Verification XP

Alexander Rayborn alexander at red-abstract.com
Tue Nov 27 02:44:44 GMT 2001


How is this any different than a default install of Windows 95 or 98
that has client for Microsoft Networks and File and Printer Sharing
enabled on the internet?  XP's default security weaknesses are nothing
new from Microsoft.  I don't think XP deserves to be singled out for
"inherent security weaknesses" because of the raw sockets support.

--Alexander

> -----Original Message-----
> From: Quibell, Marc [mailto:mquibell at icn.state.ia.us] 
> Sent: Monday, November 26, 2001 4:22 PM
> To: 'dshield at dshield.org'
> Subject: RE: [Dshield] Spoofing Source Address Verification XP
> 
> 
> Might I interject and say that the problem is that Windows 
> XP, an end-user-marketed product, in the hands of 
> inexperienced end-users, will provide hackers, internet 
> terrorists, and script kiddies many more (AND
> easier) opportunities to wreak havok onto the internet. In 
> fact it will provide them a much greater abundance of 
> unsecured access like nothing we've seen before. Do we simply 
> "hope" that the default installation of the end-user XP will 
> be secure enough, with it's integrated firewall, to keep 
> hackers out in the first place? Based on M$'s track record, I 
> predict this "hope" to be short-lived. 
> 
> Marc 




More information about the list mailing list