This is definately not an issue for the vuln-dev mailing list. So Win2K and WinXP can spoof packets, so could Win9x/ME given the right code. It was possible to send forged packets with win95 by accessing the raw modem device (not as difficult as it sounds) and sending raw ppp packets (aggressor). You could also forge packets by writing them at the NDIS layer, either by using a custom packet driver or hooking into the TDI api. That Microsoft is finally complying to the Winsock standard shouldn't be cause for people to get upset. <rant> This seems like yet another attempt for Mr Gibson to get press by overreacting to a non-issue. Every single network project on his web site is based on him "rediscovering" old problems, presenting himself as the leading authority, and failing to do a good job of conveying the real threat. Take his "nanopackets" project, where he describes an IP packet in binary context which somehow makes it much more interesting than an IP packet in more understandable format. </rant> -HD On Sunday 10 June 2001 05:27 pm, ricardo_x wrote: > ... just wanted to add my 2 cents: > > folks, > regardless whether any progy/os is crackable or not (btw please add > office-xp to the list) > what I find incredible and a true issue to this newsgroup is micro$oft's > intention to 100% implement > the raw sockets specification. (see more info at Steve Gibson' > http://grc.com/dos/winxp.htm) > > welcome to the jungle, > > ricardo >
This archive was generated by hypermail 2b30 : Mon Jun 11 2001 - 07:28:44 PDT