Snort mailing list archives
Re: GRC.com attack and TCP stacks
From: "Jason Robertson" <jason () ifutureinc com>
Date: Sun, 24 Jun 2001 17:58:55 -0400
Actually WinNT and all versions of Windows after Win95 (though there was the Winsock2 update), that allowed for Raw Sockets. I even have a few spoofers that work on win95/98 (with winsock2). And remember where there is a will there is a way... Jason On 22 Jun 2001, at 21:11, Edwin Chiu wrote: Date sent: Fri, 22 Jun 2001 21:11:40 -0400 From: Edwin Chiu <Edwin.Chiu () e-wares com> To: galitz () uclink berkeley edu Copies to: snort-users () lists sourceforge net Subject: Re: [Snort-users] GRC.com attack and TCP stacks
Quoting Galitz <galitz () uclink berkeley edu>:So, I read the above URL, but I am curious. Steve states: Microsoft's engineers never fully implemented the complete "Unix Sockets" specification in any of the previous version of Windows. And goes to say that a MS Windows pre-2000 or XP box cannot generate spoofed packets without the attacker (or security auditor) using special device drivers. My question is... what the heck is he talking about? Is this true? Is it not possible to generate spoofed traffic on an NT box using only the OS and no new drivers to be installed? What missing functionality is being alluded to here?I believe he is referring to Raw Sockets, something that is implemented in Winsock 2.0 and available for download for all versions of Windows, or 9x/NT. Although I always thought NT allowed you to create Raw Sockets. Regards, Edwin
--- Jason Robertson Network Analyst jason () ifutureinc com http://www.astroadvice.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- GRC.com attack and TCP stacks Galitz (Jun 22)
- Re: GRC.com attack and TCP stacks Edwin Chiu (Jun 22)
- Re: GRC.com attack and TCP stacks Benjamin Krueger (Jun 23)
- Re: GRC.com attack and TCP stacks Matt Watchinski (Jun 24)
- Re: GRC.com attack and TCP stacks Jason Robertson (Jun 24)
- Re: GRC.com attack and TCP stacks Benjamin Krueger (Jun 23)
- <Possible follow-ups>
- RE: GRC.com attack and TCP stacks Mayers, Philip J (Jun 25)
- Re: GRC.com attack and TCP stacks Edwin Chiu (Jun 22)