Full Disclosure mailing list archives

RE: Reverse engineering the Windows TCP stack

From: "Kyle Quest" <Kyle.Quest () networkengines com>
Date: Tue, 29 Mar 2005 12:01:56 -0500


It seems that there's some bsd code reused in microsoft
network utilities and their socket API implementation
(a number of previous emails demonstrated that). However,
the TCP/IP stack itself(tcpip.sys, ipsec.sys, etc) 
is a totally different beast. There are a lot of architectural
differences between MS and BSD TCP/IP stacks. At most MS
reused some of the high level concepts and algorithms 
with possible tiny bits and pieces of BSD support 
routines (e.g., checksums, hashing,). This is why
Windows (2k or XP) doesn't behave exactly the same as BSD. 
I base my statements on prior work I've done with NetBSD, 
FreeBSD, OpenBSD, Linux, and Windows TCP/IP stacks. 
I had to partially RE the stack windows has. Fortunately, 
the source code for other stacks was available, 
which made things much easier.

Kyle

-----Original Message-----
From: Georgi Guninski [mailto:guninski () guninski com]
Sent: Tuesday, March 29, 2005 2:03 AM
To: James Longstreet
Cc: Tim; full-disclosure () lists grok org uk; Kyle Quest;
serinus-canaria () sentinelchicken org
Subject: Re: [Full-disclosure] Reverse engineering the Windows TCP stack


On Fri, Mar 25, 2005 at 12:18:04AM -0600, James Longstreet wrote:

I don't know if it's credit per se, but I just ran strings on XP's
finger.exe:

<snip>
s_perror
MSWSOCK.dll
@(#) Copyright (c) 1980 The Regents of the University of California.
 All rights reserved.


I've done it with ftp.exe and a few others as well, I'd imagine most of
those utilities were borrowed from BSD.


http://64.233.183.104/search?q=cache:-UWnNbtDLhoJ:www.smh.com.au/articles/2002/04/20/1019233287416.html+gates+gpl+cancer&hl=en
Steve Ballmer, told a reporter that a competing "open-source" system called
Linux was "a cancer that attaches itself in an intellectual-property sense to
everything it touches".

but obviously not all free software is bad.
reusing bsd code is good thing according to m$.

-- 
where do you want bill gates to go today?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Reverse engineering the Windows TCP stack, (continued)
- - - Re: Reverse engineering the Windows TCP stack Vladamir (Mar 25)
    - Re: Reverse engineering the Windows TCP stack Thierry Zoller (Mar 25)
    - Re: Reverse engineering the Windows TCP stack Vladamir (Mar 25)
    - Re: Reverse engineering the Windows TCP stack ADT (Mar 25)
    - Re: Reverse engineering the Windows TCP stack Thierry Zoller (Mar 26)
    - Re: Reverse engineering the Windows TCP stack Vladamir (Mar 26)
    - Re: Reverse engineering the Windows TCP stack Georgi Guninski (Mar 28)
    - Re: Reverse engineering the Windows TCP stack NSC (Mar 29)
- RE: Reverse engineering the Windows TCP stack Aditya Deshmukh (Mar 24)
  - Re: Reverse engineering the Windows TCP stack Vladamir (Mar 24)
- RE: Reverse engineering the Windows TCP stack Kyle Quest (Mar 29)
- Re: Reverse engineering the Windows TCP stack pretty vacant (Mar 31)
  - Re: Reverse engineering the Windows TCP stack Thierry Zoller (Mar 31)