Bosco Posted June 21, 2002 Posted June 21, 2002 I have been reading Steve Gibsons site for a while now. Very good information. I read his DoS attack write up the day he placed it on his site.. but I have never tried to see if Windows XP actually in fact does support raw sockets. Today, I didn't have many emails to read, so I thought I'd test Mr Gibsons theory on raw sockets in XP. I downloaded a program that uses raw sockets in XP. The first test I did was, sending ICMP type 5 (ICMP Redirect) packets to my own system, and it worked! I was able to spoof the source address as, 192.168.1.1 or even 127.0.0.1 localhost. Zonealarm was fooled, and so was my nexland firewall. I figured to really test this was to make the destination address a computer on the internet and not on my network. The only computer on the internet I have access to, is the server this site is running on. So, I made the destination address overclockersclub.com and the source address yahoo.com and sent 10 ICMP type 5 packets. Sure enough! In the firewall log, on the server said Reject 10 ICMP type 5 packets from yahoo.com This is a very bad thing, microsoft did. err.. well "another" bad thing microsoft did.. Mr Gibson told MS this while XP was still in beta testing, and yet MS still included RAW socket support for whatever reason.. I recommend everyone visit his site and read this article: here Also go to his freeware page. Download socket lock this little program will turn off raw sockets in XP. If you say, well I dont care its not bothering me.. then you should think again. The next virus or trojan you get on your computer may launch a DoS attack against other computers on the internet by using RAW sockets in XP. Then I'm sure you will care Share this post Link to post Share on other sites More sharing options...
Bosco Posted June 21, 2002 Posted June 21, 2002 I guess I should of placed this in the OS forum Warping it there now! Share this post Link to post Share on other sites More sharing options...
Bosco Posted June 21, 2002 Posted June 21, 2002 I love that site. Steve has alot of good things on his site. If i'm not mistaken who was the one that discovered spyware. Great site. Share this post Link to post Share on other sites More sharing options...
Psywar Posted June 21, 2002 Posted June 21, 2002 Im just glad there is someone out there keeping up with security and protecting us! hehe Share this post Link to post Share on other sites More sharing options...
RaTeD-R Posted June 21, 2002 Posted June 21, 2002 Yeah, very nice site indeed. SpinRite 5's a great program as well. I haven't read that article yet, seems very interesting. Once the old lady goes to bed and I actually have some peace and quite I'll sit down and read the article, which I am looking forward to (yeah, I'm easily amused). Thanks. Share this post Link to post Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now