WinXP raw socket security flaw?

Toggle sidebar Toggle sidebar
M

Medea

Golden Member
Dec 5, 2000
1,606
0
0
Came across this and was wondering if this is a legit concern.

http://grc.com/dos/xpsummary.htm

Windows XP's new support of the full raw socket application programming Interface (API) allows for the creation of fraudulent and damaging Internet traffic. This has never been possible under Windows without first modifying the operating system with third-party device drivers ? which has never been done by malicious programs.

The security features built into all other raw socket capable operating systems (Windows 2000, Unix, Linux, etc.) deliberately restrict raw socket access to applications running with full "root" privilege. However, the Home Edition of Windows XP executes all applications with full administrative ("root&quot privilege. Thus, Windows XP eliminates the raw socket safety restrictions imposed by all other operating systems.
 
H

HellRaven

Senior member
Feb 5, 2000
659
0
0
Yes, it certainly is a valid concern. Basically it makes it easier for hackers to mask their identities while online. It also makes it easy for them to mask the identities of their victims since many times they hack into a persons computer for launching DOS attacks.

It is true that it is possible for them to do this now, but it is much more difficult so not having the full socket standard implemented was a good thing. As Steve Gibson said on his website, Microsoft is refusing to re-implement the socket standard for Win95/98/ME for XP. They argue that it is possible to get around it already so there is no use in trying to block the hackers.

As he argued (and I agree with him), it is akin to locks on your car doors. You dont HAVE to lock them - someone could still get into your car if they want. However, it still can prevent thefts by making it just a little bit more difficult.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |