Interesting People mailing list archives
IP: 2 on Cringely on TCP/IP
From: David Farber <dave () farber net>
Date: Thu, 02 Aug 2001 19:22:06 -0400
Date: Thu, 2 Aug 2001 16:07:28 -0700 (PDT) From: Karl Auerbach <karl () cavebear com> Reply-To: Karl Auerbach <karl () cavebear com> To: David Farber <dave () farber net> Subject: Re: IP: Cringely on TCP/IP
The Death of TCP/IP Why the Age of Internet Innocence is Over By Robert X. Cringely
That article is flawed. One has always been able to generate bogus packets from Windows machines - It has always been a "small matter of programming" to reach down to the hardware, the device driver, one of its abstraction (such as "NDIS") and do things directly. And with physical access to a computer one can always simply reboot the machine from a new disk or CD and simply avoid all operating system limitations altogether. For instance, for several years I have had some network troubleshooting code that simply bypasses the Windows TCP stack and uses it's own protocol stack to handle its own IP, ICMP, UDP, and even ARP packets using whatever address has been configured for the troubleshooting software, ignorring the one that has been programmed into Windows. (Troubleshooting tools, like surgical scalpels, need to be sharp to be useful. So I did embed many protections into the software, such as internal passwords and user interface impediments, to avoid accidental misuse of strong features. But like a scalpel, network troubleshooting software can be dangerous if handled incompetently or with an intent to cause harm.) Protection against IP address spoofing - which is what this is - really requires that there be filters in the net's routing infrastructure to block the propogation of packets bearing addresses that are coming from places where they shouldn't be coming from. That's a relatively easy thing to be done near the edges of the Internet - and many consider it rather important for companies, schools, and edge-ISP to install such filters. But is very hard to do such filtering the core for reasons not only of avoiding the per-packet overhead but also because it is very hard to know in the core when a packet is coming from an improper place. --karl-- X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: farber () cis upenn edu X-Image-URL: http://www.transsys.com/louie/images/louie-mail.jpg From: "Louis A. Mamakos" <louie () TransSys COM> Subject: Re: IP: Cringely on TCP/IP Date: Thu, 02 Aug 2001 19:08:02 -0400 Sender: louie () whizzo transsys com Stupid users are not new with the advent of the public Internet and TCP/IP protocols; it might just be there are many more places you can find them. People have been running afoul of "active content", and trojan horses for decades. We've just provided a much more comfortable medium for them lately. Remember oh these many years ago, the world of RSCS and BITNET on IBM systems? Remember the REXX "viruses" which people used to mail around which would send copies of themselves to everyone else in your email address notebook? All you need is content which is some sort of executable code, and an a mail user-agent that allows execution of it, and, well, here we are. I don't know what caused this REXX "virus" attack on IBM systems to no longer be a problem; probably a combination of user education and fiddling with the underlying email user agents. Louis Mamakos For archives see: http://www.interesting-people.org/
Current thread:
- IP: 2 on Cringely on TCP/IP David Farber (Aug 02)