Firewall Wizards mailing list archives
Re: Proxy 2.0 secure? (about ms protocol stack)
From: tqbf () pobox com
Date: Fri, 26 Jun 1998 01:00:19 -0500 (CDT)
ms tcp/ip stack is substantially less mature than, say, unix' (both bsd & s5, i don't know what else is there to compare...). ms stack seems particularly vulnerable to faulty ip fragments, and various malformed
We don't know this for sure. It happens that some of the most publicized denial of service attacks on the Internet in recent history have affected Windows NT; it also happens that people pay more attention to bugs that affect Windows NT, and pay more attention to the fact that a given bug affects Windows NT (when it may affect many other operating systems). Windows NT certainly does not boast a mature TCP/IP stack --- read the archives of the tcp-impl mailing list to see some of the world's most authoritative TCP implementors explain why. However, the real reason why it's reasonable to claim that Windows NT's stack is less secure than, say, 4.4BSD's, is that we don't have access to it's source code. I'm no more confident in AIX's (to name a large commercial Unix platform at random) stack. Security software which has neither open source nor published peer review results should not be trusted. Since the industry doesn't seem to want to meet these criteria for (almost) ANY commercial security software, you take what you can get. ----------------------------------------------------------------------------- Thomas H. Ptacek SNI Labs, Network Associates, Inc. ----------------------------------------------------------------------------- http://www.pobox.com/~tqbf "If you're so special, why aren't you dead?"
Current thread:
- RE: Proxy 2.0 secure? (about ms protocol stack) Choi, Byoung (Jun 25)
- Re: Proxy 2.0 secure? (about ms protocol stack) tqbf (Jun 26)
- <Possible follow-ups>
- RE: Proxy 2.0 secure? (about ms protocol stack) Eric Arnold (Jun 26)
- RE: Proxy 2.0 secure? (about ms protocol stack) Choi, Byoung (Jun 26)