[ Thanks to jcpetit for this link. ]
A lot of readers are probably familiar with Steve Gibson’s site
GRC.com as a place to go for superficial verification of
workstation security via free, web-based portscans. GRC.com
recently fell victim to a packet-flooding DoS attack. His account
of the whole ordeal, which includes some of his correspondence with
the attacker, is fairly interesting, as is his assertion that
Microsoft, in implementing the complete Unix sockets specification
for Win2000/XP, has opened the Internet to “an escalation of
Internet terrorism the likes of which has never been seen
before.”
As always, Mr. Gibson’s style is somewhat overheated.
“…As a result, Internet security experts know that
non-spoofing Internet attacks are almost certainly being generated
by Windows-based PC’s. Forging the IP address of an attacking
machine (spoofing) is such a trivial thing to do under any of the
various UNIX-like operating systems, and it is so effective in
hiding the attacking machines, that no hacker would pass up the
opportunity if it were available.
It is incredibly fortuitous for the Internet that the massive
population of Windows-based machines has never enjoyed this
complete “Unix Sockets” support which is so prone to abuse. But the
very bad news is this has horribly changed for the worse with the
release of Windows 2000 and the pending release of Windows XP.
For no good reason whatsoever, Microsoft has equipped Windows
2000 and XP with the ability FOR ANY APPLICATION to generate
incredibly malicious Internet traffic, including spoofed source
IP’s and SYN-flooding full scale Denial of Service (DoS)
attacks!”