XP home edition Security risk

Sharky Forums



  1. #1
    Hammerhead Shark hobbes2112's Avatar
    Join Date
    Jul 2001
    Posts
    1,553

    XP home edition Security risk

    useful rant: on

    Do you want your computer to become a zombie? Waiting to do whatever some malicious cracker wants it to do? Well then make sure Microsoft releases XP home edition with full raw socket support!

    It will be a distributed denial of service attack party like we have never seen before.

    Well, seriously this is a huge security risk. Please check out the information on Denial of Service with Windows XP at GRC.com. Then write an email to Microsoft, [email protected] asking them to do something about this risk.

    useful rant: off

    Thank you

    ------------------
    [SGC Moderate Member]

  2. #2
    Ursus Arctos Moderatis Grizzly's Avatar
    Join Date
    Sep 2000
    Location
    Providence, RI USA
    Posts
    3,077

    Well, it's not exactly like that.

    You said:
    "Do you want your computer to become a zombie? Waiting to do whatever some malicious cracker wants it to do?"

    The raw socket support in XP changes only one thing. It will allow those who wish to, launch more *effective* DDOS attacks. This has been an ability of Unix/Linux for a long long time, it's really nothing new.

    So while running XP, you won't be at the whim of every hacker out there. If you feel like participating in a DDOS attack on some major company, you'll simply be able to do it more effectively. You're in total control of your home PC, and there is no real & present security risk which you need to worry about as a home user. The only people that need to worry now...are large scale web sites which are juicy targets for would-be DDOS'ers.

    I don't see why raw socket support was built into XP, I'd be interested to see Microsoft's reasoning behind it.

  3. #3
    Hammerhead Shark hobbes2112's Avatar
    Join Date
    Jul 2001
    Posts
    1,553

    I have known for a long time that this is an ability in Unix/Linux. The problem is that it has never been useful in Windows before w2k and XP.

    Even in w2k, it doesn't worry me all that much. But the home version is aimed at less computer savvy people than any of the Unix variants or W2K. As you and I both know, to be a victim of a DDOS attack somebody has to target you. So yes, the only people that need to worry about being attacked are large scale web sites.

    But who is affected by that? The users. If I can't search for free stuff on say download.com because someone is cheesed off at cnet, and has launched an attack, I am affected.

    The home version of XP is set to run all applications with the equivalent of "root" access. This means that people that get infected with viruses are now a much more destructive platform than before, because not only can they send Windows DOS attacks (Ping of Death, etc.) but they will also be able to send garbage SYN and ACK attacks.

    Bottom line, if XP home version is released with Raw Sockets (which have no purpose on an end user system) DDOS attacks will be much more effective.


    edit: typo

    Also, I am fairly certain that you have a much better understanding of programming and computers than I do in general, and am not trying to start a "knowledge war" that I am sure to lose. I just think this is a problem worthy of attention.

    ------------------
    [SGC Moderate Member]

    [This message has been edited by hobbes2112 (edited August 08, 2001).]

  4. #4
    Ursus Arctos Moderatis Grizzly's Avatar
    Join Date
    Sep 2000
    Location
    Providence, RI USA
    Posts
    3,077

    You're absolutely right, I'm glad to see that this is getting some attention. People should know these things. But my point is, don't take what Steve Gibson says to be gospel. If you ask me...he's a little off his rocker lately.

    The notion that XP will introduce a new and extreme danger to the internet is just plain silly. XP is offering raw socket support, which Linux/Unix have been offering for a long time, as well as Win2k. Steve's major beef with this is the fact that XP is the world's *first* Consumer-Aimed OS which offers Raw Socket Support.

    Mark my words, this will have *zero* impact on DDOS attacks as we know it. The fact that the average consumer now has raw socket support, makes not a lick of difference. The 'maggots' that launch DDOS attacks are all savvy enough to pirate Win2k at their leisure, and believe me they *all* have.

    The only difference that XP is bringing to the world of Raw Sockets is the fact that eventually every John Q. Public will have raw socket support. Big deal. He could care less. The people that do launch DDOS's ('maggots' as I call them), already have Raw Socket Support via Win2k/Linux/Unix, and have had it for a long time. So now those 'maggots' can do the same thing they've always been able to do in a prettier GUI.


    Don't get me wrong here hobbes2112, I'm not trying to out-knowledge you either. I'm just trying to prevent people from getting all stewed up over nothing. Steve Gibson is a very intelligent, and educated man. But even still, his opinions on XP are a little extreme.

  5. #5
    Hammerhead Shark hobbes2112's Avatar
    Join Date
    Jul 2001
    Posts
    1,553

    Yeah you are right, I guess I, like Steve, over dramatized this issue.

    That is why I used the "rant on/off" tags so people might catch that I was doing so.

    ------------------
    [SGC Moderate Member]

  6. #6
    Catfish
    Join Date
    Feb 2001
    Posts
    176

    For such an old topic, how could you have it wrong Grizzly? The problem isn't hackers being able to use their own machines to launch DDOS attacks, it's the ability to use other people's machines to do so. Where before they were limited to using Unix based or Win2k machines that they got control of, now they will be able to commandeer XP machines and use them as zombies while hiding the true IP from the attacked. The XP OS will soon become commonplace, giving crackers the ability to seriously increase the number of zombies participating in DDOS attacks. The problem is that they can mask the true IP, something that is not an issue with 95,98,ME. This will make it next to impossible to trace these attacks back to a specific machine and block it. Of course the home user has little to worry about, it's the major sites and their servers who will be forced to fight an invisible enemy whose numbers are about to explode.



    [This message has been edited by Trill (edited August 08, 2001).]
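
The blocking problem described in the post above, seen from the target's side, as an added example that is not part of any poster's message: a blocklist is learned from one window of a flood log and applied to the next window. Everything here is constructed and nothing is sent on a network; the zombie addresses come from the 198.51.100.0/24 documentation range and the function names are hypothetical.

```python
import random
from ipaddress import IPv4Address


def constructed_flood(zombies, packets, spoofed, rng):
    """Source-address column of a constructed flood log (no traffic is sent).

    spoofed=False: every record carries the real address of the sending zombie.
    spoofed=True:  the source field is an arbitrary 32-bit value, which is what
                   the thread says an unrestricted raw socket lets a sender write.
    """
    if spoofed:
        return [str(IPv4Address(rng.getrandbits(32))) for _ in range(packets)]
    return [rng.choice(zombies) for _ in range(packets)]


def drop_ratio(blocklist, sources):
    """Fraction of packets whose source address is already on the blocklist."""
    if not sources:
        return 0.0
    return sum(src in blocklist for src in sources) / len(sources)


def compare(seed=1, zombie_count=200, packets=20000):
    """Block every source seen in one window, then measure the next window."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    zombies = [f"198.51.100.{i}" for i in range(1, zombie_count + 1)]
    result = {}
    for label, spoofed in (("real", False), ("spoofed", True)):
        window = constructed_flood(zombies, packets, spoofed, rng)
        later = constructed_flood(zombies, packets, spoofed, rng)
        blocklist = set(window)  # the most generous rule: block all seen
        result[label] = {
            "blocklist_size": len(blocklist),
            "drop_ratio": drop_ratio(blocklist, later),
        }
    return result


if __name__ == "__main__":
    for label, stats in compare().items():
        print(label, stats)
```

With real source addresses the blocklist stays at the size of the zombie population and stops the following window; with arbitrary source fields it grows to roughly one entry per packet and stops almost nothing.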

  7. #7
    Tiger Shark
    Join Date
    Dec 2000
    Location
    Auburn
    Posts
    744

    It's not the fact that XP Home Edition has raw sockets that's bad. It's the fact that there are no security restrictions to the raw sockets so that Home Edition will be more backwards compatible. XP Pro Edition has nothing to worry about.

    ------------------
    1 GHz T-bird
    512 Megs PC133 CL2 Crucial SDRAM
    KT7-RAID
    Elsa Gladiac GeForce 2 GTS
    Hitachi SuperScan Elite 21 Inch (.22 horizontal and .18 vertical refurb for $350 best buy I ever made)
    2 40 Gig IBM Deskstar 60s in RAID
    Maxtor 30 Gig 7200 rpm ATA100
    Windows 2000 SP2/Windows XP Pro RC1 build 2505
    10x DVD-ROM
    Lite-On 12x/10x/32x CD-RW
    Creative Labs Soundblaster Live! Value
    Cable Modem
    Think people! Computing isn't a hand-holding process.

    Sisqo:
    1 GHz T-bird
    512 Megs PC133 CL2 Crucial SDRAM
    KT7-RAID
    Elsa Gladiac GeForce 2 GTS
    Hitachi SuperScan Elite 21 Inch (.22 horizontal and .18 vertical refurb for $350 best buy I ever made)
    2 40 Gig IBM Deskstar 60s in RAID
    Maxtor 30 Gig 7200 rpm ATA100
    Windows XP build 2600
    10x DVD-ROM
    Lite-On 12x/10x/32x CD-RW
    Creative Labs Soundblaster Live! Value
    Cable Modem

  8. #8
    Catfish
    Join Date
    Feb 2001
    Posts
    116

    Hear, hear! My exact thoughts Trill. Nobody launches a DoS attack from their own computer - for it to be effective you need many computers so you can completely flood the target with bogus traffic. Right now computers with broadband (DSL, Cable) that get infected with Trojans are highly sought after (by crackers) for their ability to generate a lot of packets quickly. How much worse will it be when these same computers have raw sockets so the attacks are virtually impossible to filter?

    Originally posted by Trill:
    For such an old topic, how could you have it wrong Grizzly? The problem isn't hackers being able to use their own machines to launch DDOS attacks, it's the ability to use other people's machines to do so. Where before they were limited to using Unix based or Win2k machines that they got control of, now they will be able to commandeer XP machines and use them as zombies while hiding the true IP from the attacked. The XP OS will soon become commonplace, giving crackers the ability to seriously increase the number of zombies participating in DDOS attacks. The problem is that they can mask the true IP, something that is not an issue with 95,98,ME. This will make it next to impossible to trace these attacks back to a specific machine and block it. Of course the home user has little to worry about, it's the major sites and their servers who will be forced to fight an invisible enemy whose numbers are about to explode.

    [This message has been edited by Trill (edited August 08, 2001).]
    "On the side of the software box, in the 'System Requirements' section,
    it said 'Requires Windows 95 or better'. So I installed Linux."
    -Anonymous

  9. #9
    Ursus Arctos Moderatis Grizzly's Avatar
    Join Date
    Sep 2000
    Location
    Providence, RI USA
    Posts
    3,077

    I understand that it takes a few hundred computers to set up a decent DDOS attack, but I think you guys are underestimating the level of difficulty that lies in getting Trojans on those unknowing cable/XP machines.

    I still think DDOS attacks will have no more of a presence than they already have. DDOS attacks will continue to happen. If the rate of attacks happens to slightly increase over the next few years, it won't be because of XP, rather, it will be because there are more and more 13-14 year old hackers being born every day.

    At least that's how I foresee it. I might be eating my words a year from now. Who knows...

    [This message has been edited by Grizzly (edited August 08, 2001).]
