This exact topic has been quite the discussion motivator on the firewalls list (http://lists.gnac.net/) for the past week or so. Most people there (myself included, although I am not an expert) feel that this concern is highly over-inflated. Win95/98 already have this capability with the simple loading of the Windows version of the libpcap library. Now, many think "Hey, that means most users machines can't be used for spoof attacks since they won't have winpcap loaded." Thing is, the latest version of winpcap is loadable and usable *WITHOUT* reboot. So, once a user's system gets taken over by the trojan of the day, whoever controls said trojan can just install winpcap remotely and start spoofing. Or, if for some reason the library doesn't work and they need a reboot, they can just force a blue-screen, and when the user reboots, winpcap will load. Finally, with DDoS attacks, spoofing really isn't even necessary, so there is little concern over whether or not the address is spoofed. A flood is a flood, even if you know where it is coming from. Oh yeah, and Office XP was cracked and distributed at least 4 days prior to being on store shelves. Randy Graham -- You're kind of trying to pick between "horible disaster" and "attrocious disaster" -- Paul D. Robertson (on VNC vs. PPTP) http://www.theregister.co.uk/content/2/19442.html - Mankind's greatest invention? > -----Original Message----- > From: ricardo_x [mailto:ricardo_xat_private] > Sent: Sunday, June 10, 2001 3:27 PM > To: vuln-devat_private > Subject: Re: Crack Office XP > > > > .... just wanted to add my 2 cents: > > folks, > regardless whether any progy/os is crackable or not (btw please add > office-xp to the list) > what I find incredible and a true issue to this newsgroup is > micro$oft's > intention to 100% implement > the raw sockets specification. (see more info at Steve Gibson' > http://grc.com/dos/winxp.htm) > > welcome to the jungle, > > ricardo > > > ----- Original Message ----- > From: <bill_weissat_private> > To: <vuln-devat_private> > Sent: Sunday, June 10, 2001 2:21 AM > Subject: Re: Crack Office XP > > > > bill_weissat_private(bill_weissat_private)@Sat, Jun 09, 2001 at > 01:25:07PM -0600: > > > Blue Boar(BlueBoarat_private)@Fri, Jun 08, 2001 at > 09:54:38PM -0700: > > > > Nicolás Gómez wrote: > > > > > > > > > > I went to the launching of the Office XP... in the > entering of the > Ballroom > > > > > they bring to you a bag with some products....One of > them was a > Office XP > > > > > trial for 30 days > > > > > > > > > > if someone has that crack or has some place to search > for it, i'd > appreciate > > > > > it > > > > > > > > Several people have already replied that "this is the > wrong list", > > > > or "go buy the software". Including one guy who made > that comment, > > > > and then included a serial number. Go figure. > > > > > > > > Anyway, I let it through because there have been news > stories that > > > > it has been cracked, and MS denies it. I was hoping > for an answer. > > > > Second, I was hoping for a discussion of how the copy protection > > > > in XP products works. Yes, it's a bit off-topic for vuln-dev, > > > > and I usually toss such queries. However, this is > going to affect a > > > > lot more people, and I think it's also going to touch on privacy > > > > issues. > > > > > > > > > > And here we thought you were losing your mind :) > > > > > > I, personally, have no intentions of ever touching this > OS, if I can. > > > But, some of my friends who are active in the warez scene > have been > running > > > beta builds of it, sometimes since the day they come out. > For more > info, > > > I refer you to this site: > > > http://winblowz.orcon.net.nz/whistler.html > > > and, if that goes down, it's found at > > > http://kickme.to/winblowz98 > > > And clicking on "Windows Whistler/XP" > > > > Arrgghh... Office != Windows (thanks to the person who > pointed this out). > > > > Same site (http://kickme.to/winblowz98), different link. I > imagine you > can > > find it. > > > > > >
This archive was generated by hypermail 2b30 : Mon Jun 11 2001 - 08:14:41 PDT