[Dshield] Spoofing Source Address Verification XP

Rick Hayes rhayes at vicor-nb.com
Tue Nov 27 18:20:06 GMT 2001


Doesn't raw socket usage require administrative privileges on the
computer? 


-----Original Message-----
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org] On
Behalf Of Sean Graham
Sent: Tuesday, November 27, 2001 3:18 AM
To: dshield at dshield.org
Subject: RE: [Dshield] Spoofing Source Address Verification XP



Interesting because I just installed a few Windows 98 SE systems and
they 
indeed had all file sharing and printer sharing disabled by default.

And what "XP's default security weaknesses" are you referring to?

I have no problem with anyone having an opinion as long as they can back
it 
up. :)

-- Sean

At 08:44 PM 11/26/2001 -0600, you wrote:
>How is this any different than a default install of Windows 95 or 98 
>that has client for Microsoft Networks and File and Printer Sharing 
>enabled on the internet?  XP's default security weaknesses are nothing 
>new from Microsoft.  I don't think XP deserves to be singled out for 
>"inherent security weaknesses" because of the raw sockets support.
>
>--Alexander
>
> > -----Original Message-----
> > From: Quibell, Marc [mailto:mquibell at icn.state.ia.us]
> > Sent: Monday, November 26, 2001 4:22 PM
> > To: 'dshield at dshield.org'
> > Subject: RE: [Dshield] Spoofing Source Address Verification XP
> >
> >
> > Might I interject and say that the problem is that Windows XP, an 
> > end-user-marketed product, in the hands of inexperienced end-users, 
> > will provide hackers, internet terrorists, and script kiddies many 
> > more (AND
> > easier) opportunities to wreak havok onto the internet. In fact it 
> > will provide them a much greater abundance of unsecured access like 
> > nothing we've seen before. Do we simply "hope" that the default 
> > installation of the end-user XP will be secure enough, with it's 
> > integrated firewall, to keep hackers out in the first place? Based 
> > on M$'s track record, I predict this "hope" to be short-lived.
> >
> > Marc
>
>_______________________________________________
>Dshield mailing list
>Dshield at dshield.org
>To change your subscription options (or unsubscribe), see:
>http://www1.dshield.org/mailman/listinfo/dshield


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

_______________________________________________
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:
http://www1.dshield.org/mailman/listinfo/dshield




More information about the list mailing list