Vulnerability Development mailing list archives
WinXP raw sockets (was RE: Crack Office XP)
From: "Graham, Randy (RAW) " <RAW () y12 doe gov>
Date: Mon, 11 Jun 2001 09:11:26 -0400
This exact topic has been quite the discussion motivator on the firewalls list (http://lists.gnac.net/) for the past week or so. Most people there (myself included, although I am not an expert) feel that this concern is highly over-inflated. Win95/98 already have this capability with the simple loading of the Windows version of the libpcap library. Now, many think "Hey, that means most users machines can't be used for spoof attacks since they won't have winpcap loaded." Thing is, the latest version of winpcap is loadable and usable *WITHOUT* reboot. So, once a user's system gets taken over by the trojan of the day, whoever controls said trojan can just install winpcap remotely and start spoofing. Or, if for some reason the library doesn't work and they need a reboot, they can just force a blue-screen, and when the user reboots, winpcap will load. Finally, with DDoS attacks, spoofing really isn't even necessary, so there is little concern over whether or not the address is spoofed. A flood is a flood, even if you know where it is coming from. Oh yeah, and Office XP was cracked and distributed at least 4 days prior to being on store shelves. Randy Graham -- You're kind of trying to pick between "horible disaster" and "attrocious disaster" -- Paul D. Robertson (on VNC vs. PPTP) http://www.theregister.co.uk/content/2/19442.html - Mankind's greatest invention?
-----Original Message----- From: ricardo_x [mailto:ricardo_x () hotmail com] Sent: Sunday, June 10, 2001 3:27 PM To: vuln-dev () securityfocus com Subject: Re: Crack Office XP .... just wanted to add my 2 cents: folks, regardless whether any progy/os is crackable or not (btw please add office-xp to the list) what I find incredible and a true issue to this newsgroup is micro$oft's intention to 100% implement the raw sockets specification. (see more info at Steve Gibson' http://grc.com/dos/winxp.htm) welcome to the jungle, ricardo ----- Original Message ----- From: <bill_weiss () att net> To: <vuln-dev () securityfocus com> Sent: Sunday, June 10, 2001 2:21 AM Subject: Re: Crack Office XPbill_weiss () att net(bill_weiss () att net)@Sat, Jun 09, 2001 at01:25:07PM -0600:Blue Boar(BlueBoar () thievco com)@Fri, Jun 08, 2001 at09:54:38PM -0700:Nicolás Gómez wrote:I went to the launching of the Office XP... in theentering of the Ballroomthey bring to you a bag with some products....One ofthem was a Office XPtrial for 30 days if someone has that crack or has some place to searchfor it, i'd appreciateitSeveral people have already replied that "this is thewrong list",or "go buy the software". Including one guy who madethat comment,and then included a serial number. Go figure. Anyway, I let it through because there have been newsstories thatit has been cracked, and MS denies it. I was hopingfor an answer.Second, I was hoping for a discussion of how the copy protection in XP products works. Yes, it's a bit off-topic for vuln-dev, and I usually toss such queries. However, this isgoing to affect alot more people, and I think it's also going to touch on privacy issues.And here we thought you were losing your mind :) I, personally, have no intentions of ever touching thisOS, if I can.But, some of my friends who are active in the warez scenehave been runningbeta builds of it, sometimes since the day they come out.For more info,I refer you to this site: http://winblowz.orcon.net.nz/whistler.html and, if that goes down, it's found at http://kickme.to/winblowz98 And clicking on "Windows Whistler/XP"Arrgghh... Office != Windows (thanks to the person whopointed this out).Same site (http://kickme.to/winblowz98), different link. Iimagine you canfind it.
Current thread:
- WinXP raw sockets (was RE: Crack Office XP) Graham, Randy (RAW) (Jun 11)
- Re: WinXP raw sockets (was RE: Crack Office XP) ricardo_x (Jun 11)