[Dshield] XP and security
David.Sentelle at cnbcbank.com
Tue Nov 27 17:58:47 GMT 2001
Lotsa people seem concerned about XP's security and easily accessed raw sockets. Would a raw socket-less WinXP keep a user from booting from a floppy disk into a linux partition and running their hacks? Would requiring 'root' privledges for raw sockets actually insure that only responsible people had 'root' access?
Would raw sockets be that much of a problem if ISPs just checked the packets to make sure that the address sending the traffic was the same that was declared inside the packets?
I'm much more concerned with the lack of accountability that software developers have, as well as the lack of definition as to where an OS should stop and applications should start. Microsoft has been 'developing' the windows platform for a LONG time now, and I STILL see applications installing files to the OS's core directories. If they're not going to tell consumers, shouldn't Microsoft at LEAST tell developers where the OS stops and their Application starts? (Sorry for the tangent, but I've been working for 2 days trying to figure out how to allow users to 'cut' a block of text from MS-Word2k without crashing)
--Hoping I've not exposed too much of my lack of knowledge
Network Operations Specialist
Commerce National Bank
614.334.6282 Voice 614.848.8830 Fax
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this e-mail in error, please notify admin at cnbcbank.com and delete it from your system.
More information about the list