Windows XP will be the bane of the Internet

I have just learned that Windows XP will be the first Home-user class operating system from Microsoft that allows for full Raw Sockets support.

What this basically means is that any WinXP machine will be able to launch a fully Spoofed Denial of Service attack anonymously against any other computer in the world. Additionally, these machines will be able to launch attacks of a type that cannot be filtered: TCP SYN packets on port 80.

Folks, when Christmas comes around this year, and Windows XP is available and installed everywhere, all it will take is for someone to write a small malicious program that simply asks:
“Enter IP Address to attack:”
and that will be it. The program will be available to be downloaded by anyone who has an interest in messing around with anyone else. Schoolchildren will synchronize their watches after school, and then rush home to click the “attack” button against their target du jour. Hacker DoS problems will escalate beyond imagination, with no way to trace the source, or block or filter them in any way.

Microsoft denies the problem is serious, and claims that their previous version of Windows has full Raw Sockets implementation, but this is simply not correct. Only Windows 2000 currently has this feature until Windows XP is unleashed on an unsuspecting world of home users. Where Windows ME was a marginal unnecessary upgrade, WinXP is going to have many new toys and features, and will be purchased by the tens of thousands very soon.

The biggest problem is that most home users can’t be concerned to download and install a personal firewall. Only ZoneAlarm (www.zonelabs.com) is able to block both incoming and outbound connections effectively. Almost all denial of service attacks come from Windows-based PCs that have high speed connections and no personal firewall. BlackICE Defender lets them right through with no obstruction at all, and no indication that anything is going on that is dangerous or damaging.

So what we have to do now is hope: Hope that Microsoft fixes this serious threat to the internet before releasing their next OS and hope that more home users download and run ZoneAlarm (free, by the way) every time they connect to the net.

For more information on this and other internet security threats, visit http://www.grc.com

The general consensus amongst computer experts is that the XP raw sockets implementation is irrelevant. As long as XP includes so many easily accessible virus vectors, any 1EE7 d00d can take over any XP machine. Once a hacker owns your machine, they can do whatever they want, full sockets or not. XP will not be any less secure than any previous Windows version, which is to say, it is totally insecure like all Windows OSes.

There are a lot of comments about this issue. Steve Gibson, of Gibson Research, has been pushing quite hard that the raw sockets will make it hard to track down DDoS attacks. However, most other experts seem to disagree with him – some very strenuously.

Well, Steve seems to know his stuff. I tend to agree with what he says, but I guess time will tell how serious this is.

Linux does it too. Win2k has it, as does NT4. Essentially, XP will just be implementing TCP/IP the RIGHT way. If there’s a problem with the protocol, that’s hardly MS’s fault. That’s TCP/IP’s fault. It is MS’s obligation to give the user full support for the protocols that it is using, otherwise, the system is simply not complete.

Yes, that is true, but how many home users do you know that run Linux, NT4, or 2000? Not very many. Most run 98 or ME, and since broadband is becoming more common, it means more machines for hackers to access.

I have to agree with Steve at GRC as well. It will be interesting to see how it gets exploited.