Re: Raw Sockets

From: Miriam English (
Date: Sat Aug 11 2001 - 04:12:11 MDT

At 03:13 PM 11/08/2001 +0800, Chen Yixiong, Eric wrote:
>You might wish to know these factors:
>1) ISPs can filter most of the spoofed outgoing packets (except those
>using its own subnet).

Yes, this is one of the best solutions. This was one of the things proposed
by Bob Cringely in his article.

>2) Viruses and trojans cannot send spoofed packets if they cannot enter
>your computer (such as due to firewalls, anti-viral, anti-trojan,
>intrusion detection software or proper design of the OS).

That is true too. But you only need a small fraction of the population
operating unsafe machines to have problems like Denial Of Service attacks,
for instance. Then it doesn't matter how safe everybody else's computers are.

I should mention here that everybody running MS operating systems should
get ZoneAlarm ( ). It is free for noncommercial use
and is a very efficient firewall. You will be horrified at how many times
your machine is probed.

>Raw Sockets and M$ should not take all the fault of causing these problems.

The thing that annoys me about MS is that they have the capability to
enhance security but they are actually worsening the situation. Nobody
needs an email client to run programs inside email without needing to click
on attachments like Outlook does. There is no sensible reason to allow easy
access to raw sockets that WindowsXP is going to give. Having the entire
computer stand or fall on the basis of a single non-human-readable file
(the registry) is asking for problems. I could go on and on...

Maybe MS shouldn't take *all* the blame, but they sure deserve the lion's

Best wishes,

         - Miriam

Q. What is the similarity between an elephant and a grape?
A. They are both purple... except for the elephant.
Virtual Reality Association

This archive was generated by hypermail 2b30 : Fri Oct 12 2001 - 14:40:06 MDT