as someone who ported a raw packet library to winnt systems over a year ago, i seriously doubt that raw sockets pose any threat to the internet that wasn't already there. the things you should watch out for are the new xp centric features, like a built in pcanywhereish remote administration feature, and potentially having iis on every desktop, home or corporate. xp offers a lot more in the way of security than 9x/me ever did, it offers much more functionality, and to say that adding better apis already availible in a hackable functionality is a bad thing is ridiculous. people who want this functionality, for bad or good reasons, already have it. this just marginally makes it easier... i'd trade a microkernel TCB based sacl/dacl system's benefits over any potential risk that raw sockets could ever pose. if you want to define the threat here, get on the isp's to enforce egress spoofing filtering. when i worked at an isp, we did it on all of our borders, it's not hard, it doesn't realisticly reduce performance, and acheives the effect that people want by dropping raw sockets, without removing that functionilty. Raw sockets offer a potentially much higher degree of control over your network. yes, it allows spoofing, but it also allows people to write their own better protocols without having to hack in kmode, or write tdi filters. Signed, Ryan Permeh eEye Digital Security Team http://www.eEye.com/Retina -Network Security Scanner http://www.eEye.com/Iris -Network Traffic Analyzer ----- Original Message ----- From: "ricardo_x" <ricardo_xat_private> To: <vuln-devat_private> Sent: Sunday, June 10, 2001 3:27 PM Subject: Re: Crack Office XP > > ... just wanted to add my 2 cents: > > folks, > regardless whether any progy/os is crackable or not (btw please add > office-xp to the list) > what I find incredible and a true issue to this newsgroup is micro$oft's > intention to 100% implement > the raw sockets specification. (see more info at Steve Gibson' > http://grc.com/dos/winxp.htm) > > welcome to the jungle, > > ricardo > > > ----- Original Message ----- > From: <bill_weissat_private> > To: <vuln-devat_private> > Sent: Sunday, June 10, 2001 2:21 AM > Subject: Re: Crack Office XP > > > > bill_weissat_private(bill_weissat_private)@Sat, Jun 09, 2001 at > 01:25:07PM -0600: > > > Blue Boar(BlueBoarat_private)@Fri, Jun 08, 2001 at 09:54:38PM -0700: > > > > Nicolás Gómez wrote: > > > > > > > > > > I went to the launching of the Office XP... in the entering of the > Ballroom > > > > > they bring to you a bag with some products....One of them was a > Office XP > > > > > trial for 30 days > > > > > > > > > > if someone has that crack or has some place to search for it, i'd > appreciate > > > > > it > > > > > > > > Several people have already replied that "this is the wrong list", > > > > or "go buy the software". Including one guy who made that comment, > > > > and then included a serial number. Go figure. > > > > > > > > Anyway, I let it through because there have been news stories that > > > > it has been cracked, and MS denies it. I was hoping for an answer. > > > > Second, I was hoping for a discussion of how the copy protection > > > > in XP products works. Yes, it's a bit off-topic for vuln-dev, > > > > and I usually toss such queries. However, this is going to affect a > > > > lot more people, and I think it's also going to touch on privacy > > > > issues. > > > > > > > > > > And here we thought you were losing your mind :) > > > > > > I, personally, have no intentions of ever touching this OS, if I can. > > > But, some of my friends who are active in the warez scene have been > running > > > beta builds of it, sometimes since the day they come out. For more > info, > > > I refer you to this site: > > > http://winblowz.orcon.net.nz/whistler.html > > > and, if that goes down, it's found at > > > http://kickme.to/winblowz98 > > > And clicking on "Windows Whistler/XP" > > > > Arrgghh... Office != Windows (thanks to the person who pointed this out). > > > > Same site (http://kickme.to/winblowz98), different link. I imagine you > can > > find it. > > >
This archive was generated by hypermail 2b30 : Mon Jun 11 2001 - 07:38:33 PDT