[thelist] More good news about Windows XP

sales at iibiz.com sales at iibiz.com
Mon Jun 25 09:48:46 CDT 2001


Besides the Smart Tags issue, here's an article from June 18th eweek:

(can't find it online for a link......)

**********
DDoS ATTACKERS RAISING THE BAR

Distributed Denial-of Service attacks-which by some estimates total more
than 4,000 week-are likely to get much worse as the perpetrators hone their
skills and new weaknesses in popular platforms are discovered and exploited.

As vendors such as Asta Networks, Inc. and Mazu Networks Inc. prepare to
launch their anti-DDoS solutions in the coming weeks, attackers across the
Internet are fine-tuning their tools and creating sophisticated assaults
designed to elude even the best defenses.

In addition, those malicious programmers could get a big assist this fall
when Microsoft Corp. releases Windows XP, which some security experts say
provides attackers with a made-to-order launching pad for their DDoS
assaults.

The operating system will include support for "raw sockets", a Unix-style
function that lets users write raw IP packets and send them to any host they
choose.

The functionality also gives users the ability to spoof the IP addresses of
the originating machine, something not possible with out-of-the-box Windows
9x installations.  This combined with the fact that XP will largely be
deployed by security-challenges home users has experts fearing the worst.

"This is a vastly powerful tool for mass destruction," said security expert
Steve Gibson of Gibson Research Corp., in Laguna Hills, CA, whose Web site
was hit by several DDoS attacks last month.  "No home software has any need
for raw sockets."

However, officials of the Redmond, WA software company and some security
specialists say that the feature has been in Unix and its open-source
descendants for years and that it has always been possible to spoof IP
addresses with Windows 9x with plug-ins.
***********(rest of  article is about specific DDoS attacks.......)

Be sure to TRIM your reply if you reply to this one,

Sandy






More information about the thelist mailing list