Steve Gibson: more on Windows XP, raw socket support, and securityJul 02, 2001, 23:30 (32 Talkback[s])
[ Thanks to Jeff Stephens for this link. ]
A lot of readers are probably familiar with Steve Gibson'site GRC.com as a place to go for superficial verification of workstation security via free, web-based portscans. GRC.com recently fell victim to a packet-flooding DoS attack. He argues that Microsoft, in implementing the complete Unix sockets specification for Win2000/XP, has opened the Internet to "an escalation of Internet terrorism the likes of which has never been seen before." In this follow-up after a meeting with Microsoft officials, he's even more convinced that Microsoft knows little about security, as they have included "Full Raw Socket" support without the safeguards that exist in UNIX-based systems.
In his own words: