-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-=               Raw Socket Access in Windows XP                 =-
-=                          By Tierra                            =-
-=                     tierra@phreaker.net                       =-
-=                   http://www.2600slc.org                      =-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

First let me explain what raw socket access means. When performing attacks such as DDoS attacks, you would need to hide your IP address by spoofing it so that you are not traced and caught, but IP spoofing requires root access on Unix systems, so that the attack software can open a "raw" network socket. Most applications use "cooked" sockets, where the IP stack provides the necessary packet headers. A raw socket means that the application must prepare the necessary headers itself. This permits you to put any information you want in the headers, including spoofed IP addresses. Note that Windows NT also supports raw sockets, so this is not just a Unix issue.

Such an attack was made on Steve Gibson's company, as some of you may have heard about a long time ago, by a 13-year-old who goes by the nickname "Wicked". Gibson was so disturbed by watching his own company get hit this hard by a 13-year-old that he is now dedicating his life to fixing this "large and dangerous bug", as he believes it is. He is now working on a program to find out whether your ISP allows you to send spoofed packets, for the sake of putting ISPs to shame and out of business for a more secure and reliable Internet. His story on the DDoS attacks on his site is explained in the link at the bottom of this text.

"When those insecure and maliciously potent Windows XP machines are mated to high-bandwidth Internet connections, we are going to experience an escalation of Internet terrorism the likes of which has never been seen before." - Steve Gibson

There is another very interesting article I came across while talking with Mike Neyman (programmer, my former co-worker). It's a theory about Microsoft coming out with raw socket access on purpose for bigger plans, as in taking over the Internet. The link to this article is found at the bottom of this text. To briefly summarize, it argues that Microsoft made Windows XP so vulnerable with raw socket access on purpose, so that script kiddies and hackers will infest these machines so horribly that neither TCP/IP nor IPX will be safe to run, and a new Internet protocol will need to be written to save everyone's ass. Supposedly, this protocol has already been written and is built into Windows XP (but isn't installed or activated). Once the need for it is that bad and it's released, Microsoft will have almost full control over the entire Internet. Anyway, it's a rather long and very opinionated article, and possibly worth reading.

Since my talk is on raw sockets in Windows XP and not raw sockets alone, I'm going to finish up with my remarks on Windows XP shipping with raw socket access. Also, this being my first talk, I have an excuse for keeping it short, so I'll start on my conclusion now. My feeling about Microsoft coming out with raw socket support is "great for them for coming out of their marketing shell", but the downside to all of this is that if Cringely is right with his theories, then we are in for hell, and Microsoft still never came out of their marketing shell. Being next in line to become a major consumer operating system, Windows XP is more public and open to attack through the usual idiotic consumer buying a computer, and could be abused to the point of producing 50 times more IRC bots for use in DDoS attacks. Personally, though, since it is YOUR personal computer, I don't see why you shouldn't be given the option to do whatever the hell you want with it. What I really think is stupid is the fact that Microsoft has the right to force Windows XP onto all new boxes built, and is therefore able to force settings onto users.
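To make the raw-versus-cooked socket distinction from the start of this talk concrete from the provider's side, here is an added example (my own illustration, not code from this talk or from Gibson's tool): it parses the IPv4 header that an application must build by hand when it uses a raw socket, verifies the RFC 791 checksum, and applies the source-address filter that RFC 2827 (BCP 38) asks ISPs to run at the customer edge, which is exactly the check that decides whether a spoofed packet ever leaves a customer's network. The two packets and the 192.0.2.0/24 customer prefix are constructed from documentation address ranges.

```python
import ipaddress
import struct

def ip_checksum(data: bytes) -> int:
    """RFC 791 one's-complement sum of 16-bit words; 0 means a valid header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fields a raw-socket application has to fill in itself."""
    if len(pkt) < 20:
        raise ValueError("packet shorter than a minimal IPv4 header")
    ver_ihl, _tos, length, ident, _frag, ttl, proto, cksum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "ihl": ihl, "length": length, "id": ident, "ttl": ttl, "proto": proto,
        "checksum": cksum, "checksum_ok": ip_checksum(pkt[:ihl]) == 0,
        "src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst),
    }

def egress_filter(pkt: bytes, customer_prefix: str) -> str:
    """BCP 38 style check at the provider edge: a packet may only leave the
    customer link if its source address belongs to that customer's prefix."""
    hdr = parse_ipv4_header(pkt)
    if not hdr["checksum_ok"]:
        return "drop: bad header checksum"
    if hdr["src"] not in ipaddress.ip_network(customer_prefix):
        return "drop: source %s not in %s" % (hdr["src"], customer_prefix)
    return "forward"

# Constructed sample headers (RFC 5737 documentation ranges): 20-byte IPv4
# header, total length 40, TTL 64, protocol 6 (TCP), correct checksum.
CUSTOMER_PREFIX = "192.0.2.0/24"
LEGIT = bytes.fromhex("45000028 00010000 4006 8e8c c000020a c6336405")    # 192.0.2.10 -> 198.51.100.5
SPOOFED = bytes.fromhex("45000028 00010000 4006 148f cb007107 c6336405")  # 203.0.113.7 -> 198.51.100.5

if __name__ == "__main__":
    for name, pkt in (("legit", LEGIT), ("spoofed", SPOOFED)):
        hdr = parse_ipv4_header(pkt)
        print(name, hdr["src"], "->", hdr["dst"], ":", egress_filter(pkt, CUSTOMER_PREFIX))
```

The spoofed packet is indistinguishable from the legitimate one at the IP layer (valid checksum, plausible TTL), so only a filter that knows which prefix the customer was assigned can drop it.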
-=-=-=-=-=-=-=-=-=-=-=-
• http://grc.com/dos/grcdos.htm - GRC, Steve Gibson Under Attack
• http://www.pbs.org/cringely/pulpit/pulpit20010802.html - PBS Cringely Talk
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-
© 2600SLC.ORG 2002
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-