Full Disclosure mailing list archives
RE: Reverse engineering the Windows TCP stack
From: "Kyle Quest" <Kyle.Quest () networkengines com>
Date: Tue, 29 Mar 2005 12:01:56 -0500
It seems that there's some BSD code reused in Microsoft network utilities and their socket API implementation (a number of previous emails demonstrated that). However, the TCP/IP stack itself (tcpip.sys, ipsec.sys, etc) is a totally different beast. There are a lot of architectural differences between MS and BSD TCP/IP stacks. At most MS reused some of the high level concepts and algorithms with possible tiny bits and pieces of BSD support routines (e.g., checksums, hashing). This is why Windows (2k or XP) doesn't behave exactly the same as BSD.

I base my statements on prior work I've done with NetBSD, FreeBSD, OpenBSD, Linux, and Windows TCP/IP stacks. I had to partially RE the stack Windows has. Fortunately, the source code for other stacks was available, which made things much easier.

Kyle

-----Original Message-----
From: Georgi Guninski [mailto:guninski () guninski com]
Sent: Tuesday, March 29, 2005 2:03 AM
To: James Longstreet
Cc: Tim; full-disclosure () lists grok org uk; Kyle Quest; serinus-canaria () sentinelchicken org
Subject: Re: [Full-disclosure] Reverse engineering the Windows TCP stack

On Fri, Mar 25, 2005 at 12:18:04AM -0600, James Longstreet wrote:
I don't know if it's credit per se, but I just ran strings on XP's finger.exe:

<snip>
s_perror
MSWSOCK.dll
@(#) Copyright (c) 1980 The Regents of the University of California.
All rights reserved.

I've done it with ftp.exe and a few others as well, I'd imagine most of those utilities were borrowed from BSD.
http://64.233.183.104/search?q=cache:-UWnNbtDLhoJ:www.smh.com.au/articles/2002/04/20/1019233287416.html+gates+gpl+cancer&hl=en

Steve Ballmer, told a reporter that a competing "open-source" system called Linux was "a cancer that attaches itself in an intellectual-property sense to everything it touches".

but obviously not all free software is bad. reusing bsd code is good thing according to m$.

--
where do you want bill gates to go today?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/