Raw Socket Access in Windows XP

Published in 2600 Salt Lake City · 5 years ago

 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=

-= Raw Socket Access in Windows XP =-

-= By Tierra =-
-= tierra@phreaker.net =-

-= http://www.2600slc.org =-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

First let me explain what raw socket access means. An attacker performing attacks such
as DDoS attacks would need to hide their IP address by spoofing it, so as not to get
traced and caught, but IP spoofing requires root access on Unix systems, so that
the attack software can open a "raw" network socket. Most applications use "cooked"
sockets, where the IP stack provides the necessary packet headers. A raw socket means
that the application must prepare the necessary headers itself. This permits the
application to put any information it wants in the headers, including spoofed IP
addresses. Note that Windows NT also supports raw sockets, so this is not just a Unix issue.

Such an attack was made on Steve Gibson's company, as some of you may have heard
a long time ago, by a 13-year-old who goes by the nickname "Wicked". Gibson was
so disturbed by watching his own company get hit this hard by a 13-year-old that he is now
dedicating his life to fixing this "large and dangerous bug" as he believes it is. He is
now working on a program to find out if your ISP allows you to send spoofed packets, for
the sake of putting ISPs to shame and out of business for a more secure and reliable
Internet. His story on the DDoS attacks on his site is explained in the link at the
bottom of this text.
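
The two paragraphs above come down to one point for defenders: a raw-socket application writes its own source address, so the address can only be checked at the network edge, which is what the ISP test mentioned above probes. The following is an added example, not part of the original talk: it parses an outbound IPv4 header and drops packets whose source lies outside the network's own address block. The function names, the 192.0.2.0/24 block and the sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { PASS, DROP_MALFORMED, DROP_SPOOFED };

/* Constructed sample headers (20 bytes, UDP, no payload); addresses are
 * documentation ranges. A cooked socket would always produce the first. */
static const uint8_t SAMPLE_LEGIT[20] = {   /* src 192.0.2.10 */
    0x45, 0x00, 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11,
    0x8E, 0x93, 0xC0, 0x00, 0x02, 0x0A, 0xC6, 0x33, 0x64, 0x07 };
static const uint8_t SAMPLE_SPOOFED[20] = { /* src 203.0.113.5 */
    0x45, 0x00, 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11,
    0x14, 0x98, 0xCB, 0x00, 0x71, 0x05, 0xC6, 0x33, 0x64, 0x07 };

/* Internet checksum: a valid header's 16-bit words fold to 0xFFFF. */
static int header_checksum_ok(const uint8_t *h, size_t hlen) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2)
        sum += ((uint32_t)h[i] << 8) | h[i + 1];
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);
    return sum == 0xFFFF;
}

/* Egress decision for one outbound IPv4 packet; net/prefix_len describe the
 * address block assigned to this network (hypothetical parameters).
 * Fails closed on truncated packets and out-of-range prefix lengths. */
enum verdict egress_check(const uint8_t *pkt, size_t len,
                          uint32_t net, unsigned prefix_len) {
    if (len < 20 || (pkt[0] >> 4) != 4 || prefix_len > 32)
        return DROP_MALFORMED;
    size_t hlen = (size_t)(pkt[0] & 0x0F) * 4;   /* IHL in 32-bit words */
    if (hlen < 20 || hlen > len || !header_checksum_ok(pkt, hlen))
        return DROP_MALFORMED;
    uint32_t src = ((uint32_t)pkt[12] << 24) | ((uint32_t)pkt[13] << 16) |
                   ((uint32_t)pkt[14] << 8) | pkt[15];
    uint32_t mask = prefix_len ? 0xFFFFFFFFu << (32 - prefix_len) : 0;
    return (src & mask) == (net & mask) ? PASS : DROP_SPOOFED;
}

int main(void) {
    const uint32_t net = 0xC0000200u;            /* 192.0.2.0/24 */
    printf("legit:   %d\n", egress_check(SAMPLE_LEGIT, 20, net, 24));
    printf("spoofed: %d\n", egress_check(SAMPLE_SPOOFED, 20, net, 24));
    return 0;
}
```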

"When those insecure and maliciously potent Windows XP machines are mated to
high-bandwidth Internet connections, we are going to experience an escalation of Internet
terrorism the likes of which has never been seen before." - Steve Gibson

There is another very interesting article I came across while talking with Mike Neyman
(programmer, my former co-worker). It's a theory about Microsoft coming out with raw
socket access on purpose for bigger plans, as in taking over the Internet. The link to
this article is found at the bottom of this text.

To briefly summarize this article, it talks about Microsoft making Windows XP so
vulnerable with raw socket access on purpose, so that script kiddies and hackers will
infest these machines so horribly that neither TCP/IP nor IPX will be safe to run and a
new Internet Protocol will need to be written to save everyone's ass. Supposedly, this
protocol has already been written and is built into Windows XP (but isn't installed or
activated). Once the need for it is that bad and it's released, Microsoft will have
almost full control over the entire Internet. Anyway, it's a rather long and very
opinionated article, and possibly worth reading.

Being that my talk is on raw sockets in Windows XP and not raw sockets alone,
I'm going to finish up with my remarks on Windows XP shipping with raw socket access.
Also being my first talk, I have an excuse for making this a small talk, so I'll start
on my conclusion now.

My belief about Microsoft coming out with raw socket support is - "great for
them for coming out of their marketing shell", but the downside to all of this is that if
Cringely is right with his theories, then we are in for hell, and Microsoft still never
came out of their marketing shell. Being the next in line to become a major consumer
Operating System, Windows XP is more public and open for attack against the usual idiotic
consumer buying a computer and could be abused to the point of getting 50 times more IRC
bots for use in DDoS attacks. Personally, being that it is YOUR personal
computer, I don't see why you shouldn't be given the option to do whatever the hell you
want with it though. What I really think is stupid is the fact that Microsoft has the
right to force Windows XP on all new boxes built, therefore being able to force settings
onto users.

-=-=-=-=-=-=-=-=-=-=-=-

http://grc.com/dos/grcdos.htm - GRC, Steve Gibson Under Attack

http://www.pbs.org/cringely/pulpit/pulpit20010802.html - PBS Cringely Talk

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-
© 2600SLC.ORG 2002
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
