Full Disclosure mailing list archives
RE: SP2 and NMAP
From: Frank Knobbe <frank () knobbe us>
Date: Fri, 13 Aug 2004 11:52:01 -0500
On Fri, 2004-08-13 at 11:21, Castigliola, Angelo wrote:
Microsoft told Fyodor the reason they disabled raw sockets in SP2 was: "We have removed support for TCP sends over RAW sockets in SP2. We surveyed applications and found the only apps using this on XP were people writing attack tools."
Silly thing to say anyway. Even if raw sockets are no longer available, attack tools can (and some do) still use their own IP stacks (libpcap/libdnet/etc). Unless MS starts to filter calls on the network driver layer, attack tools will still work. Nicely shows Microsoft's lack of understanding in this area though. Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- RE: SP2 and NMAP Castigliola, Angelo (Aug 13)
- RE: SP2 and NMAP Frank Knobbe (Aug 13)
- <Possible follow-ups>
- RE: SP2 and NMAP Justin Azoff (Aug 13)