
Re: Raw sockets (Re: Security Concern)



Matt Zimmerman wrote:

I noticed this posted and notice some of the interpretation of
Steve's opinion about XP is different from my own from when I originally
read the original account of Gibson's report several weeks ago.  I strongly
recommend http://grc.com/dos/grcdos.htm for reading; this is
his original account of how his rant against XP came about.  If I
misunderstood something please correct me.
> 
> On his web page, Mr. Gibson acknowledges the possibility of loading device
> drivers to access raw sockets, but denies that this is a problem in practice,
> and insists that a system shipped without raw socket support is more secure.
I had gotten the impression the presence or lack of feature that makes
it more or less secure, but Windows with the feature lacking makes it
less dangerous and a better idea.
It's Windows with the combination of this functionality that I think he
doesn't like, and this could create a breeding ground for attacks on
others.  Apparently, with the home version where you are effectively
running as "root" all the time and security restrictions are a bit more
laid back, the system (at least the home version) doesn't restrict
access to this functionality.

> This simply isn't true, at least for UNIX-like systems.  I don't have any
> first-hand experience with Windows in this area, but Mr. Gibson seems to imply
> in his article that the only reason that this argument doesn't apply to Windows
> systems is because Windows device drivers are "operating system version
> dependent and difficult to reliably install".  So Microsoft, apparently, is
> twice saved: first by having a broken BSD sockets implementation, and then by
> having a broken device driver architecture.
Again I think the point of view is "windows xp" is somehow inherently
less secure, and also doesn't restrict access to this functionality.  So
if MS is not going to improve restricting this functionality, it's better
off with a broken sockets implementation.

> 
> Restriction of raw sockets to processes with root privileges is the only
> meaningful security measure that can be applied, short of running the OS out of
> ROM.

Precisely.


-- 
Philip Thiem /---/ ptt@umr.edu /---/ Pass on the GAS get NASM instead
    Computer Science & Mathematics Undergraduate @ UM-Rolla
    Interests: Security, Operating Systems, Numerical Computing,
               Algorithm Analysis, Discrete/Linear/Modern Algebra,


