dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


The Register: Security geek developing WinXP raw socket exploit

Jun 13, 2001, 22:42 (12 Talkback[s])
(Other stories by Thomas C. Greene)

Readers may remember a story we linked to a little over a week ago wherein Steve Gibson (of GRC.com) detailed a denial of service attack on his site and explained how the implementation of full Unix sockets support in Windows XP will bring about a script kiddie apocalypse. The Register follows up here with a report on Mr. Gibson's "spoofarino," a tool designed to ferret out ISP's that permit spoofed packets from customer machines. The Reg is less forgiving than many of our readers were when this story first ran, going so far as to suggest that Mr. Gibson's new tool may encourage development of malicious variations.

"...After being packeted into submission last month by a thirteen-year-old computer enthusiast called "Wicked", he's become obsessed with the mission of dissuading Microsoft from outfitting 'XP with the same capabilities as most of its competitors.

He's written thousands of words on his Web site, denouncing Microsoft for putting something like real power into a consumer operating system. He's written memos to the company; he's warned all his site's visitors; but he's still not satisfied. The "XP Christmas of Death" is coming, he warns, immediately after which all the little s'kiddies will gleefully baptize us with fire.

... Unfortunately, not enough of the right people are listening to him with the proper degree of attentiveness. So he's decided to show the bastards: Gibson is developing a free tool which he calls 'Spoofarino'."

Complete Story