[Snort-users] GRC.com attack and TCP stacks
Edwin.Chiu at ...1378...
Fri Jun 22 21:11:40 EDT 2001
Quoting Galitz <galitz at ...247...>:
> So, I read the above URL, but I am curious. Steve
> Microsoft's engineers never fully implemented the complete
> "Unix Sockets" specification in any of the previous version
> of Windows.
> And goes to say that a MS Windows pre-2000 or XP box cannot
> generate spoofed packets without the attacker (or security
> auditor) using special device drivers.
> My question is... what the heck is he talking about? Is
> this true? Is it not possible to generate spoofed traffic
> on an NT box using only the OS and no new drivers to be
> installed? What missing functionality is being alluded
> to here?
I believe he is referring to Raw Sockets, something that is
implemented in Winsock 2.0 and available for download for
all versions of Windows, or 9x/NT. Although I always thought
NT allowed you to create Raw Sockets.
More information about the Snort-users