I think claims is the key word there. Has someone verified yet that anyone at any privilege level can get access to raw sockets under Windows XP? Knowing the levels of privileges, etc that Windows NT has always had, I would find it hard to believe that they have just opened up access to that facility to anyone who wanted it. Ric -----Original Message----- From: David Schwartz [mailto:davidsat_private] Sent: Monday, June 11, 2001 2:13 PM To: Fenrisat_private; ricardo_xat_private; vuln-devat_private Subject: RE: Gibson (was Crack Office XP) > If Gibson isn't bright enough to figure out how to write a script kiddie > trojan to dynamically load the packet driver, I don't trust him enough to > be telling the world that he thinks there's a problem. Besides, if this > was really a problem, we'd already see this occuring on Win32 > systems, Unix > systems, Mac systems, etc - all of which support raw sockets. Methinks > Gibsons diatribe was one more of wanting publicity for himself or > his site In fairness to Gibson, there does not exist any Unix system I know of that has the flaw he claims Windows XP has. They all restrict access to raw sockets to trusted/privileged code. DS
This archive was generated by hypermail 2b30 : Tue Jun 12 2001 - 05:52:55 PDT