SP2 compatibility with Framework

[hypnojazz at gmail.com (Giuseppe Senese)]

With SP2, Microsoft has crippled Windows in the following ways.

1. TCP packets may no longer be sent through the raw sockets API 
2. IP spoofed UDP packets may no longer be sent through raw sockets 
   (affects decoy and spoofed scanning). 
3. Outbound TCP connection attempts are throttled to a slow rate. 

There is a patch for tcp.sys to fix this

http://mitglied.lycos.de/lvllord/download-mirror.htm

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#XSLTsection127121120120

Ciao

05-Sep-2005 09:33:48 CEDT, Marco Monicelli <marco.monicelli at marcegaglia.com>:
> Hello Anurag!
>
> Here's some step to do in order to ENABLE the sending of RAW socket,
> disabled by the SP2:
>
> 1) Open Control panel
> 2) Turn on Classic Visuallization
> 3) Open Administration Tools
> 4) Services
> 5) There is "Windows Firewall / Internet Condivision (ICS)"
> 6) There stop service and disable it in General settings but when you
> reboot the pc services start anyway so in "Connection setting" on "Hardwar
> Profile" you must set to "Profile 1" DISABLED!
>
> This should do the trick. If anyone is aware of a command line version of
> it, please be so kind to send me the details.
>
> Regards
>
> Marco
>
>
> List,
>        I also encounter the same problems about error creating socket.
> Does Framework have problems with Winxp SP2. Nmap also had problems with
> SP2 and they had to come out with a totally new version. It goes this
> way.....
> When an Nmap user asked MS why security tools
> such as Nmap broke, MS responded[1]:
>
>  "We have removed support for TCP sends over RAW sockets in SP2.
>  We surveyed applications and found the only apps using this on XP were
>  people writing attack tools."
>
> What is the workaround for Error Creating Socket problem?
> Anurag Joshi