Security Concern

To: debian-project@lists.debian.org
Subject: Security Concern
From: Nick Menchise <nmenchise@optushome.com.au>
Date: Thu, 05 Jul 2001 15:49:05 +1000
Message-id: <[🔎] 3B43FFD1.702021C5@optushome.com.au>

Greetings.

I am writing this e-mail to ask about a security concern that's just
been made aware to me.

You may know about Gibson Research Corporation and its recent efforts to
improve Internet security. Over the past week, Gibson has been writing
articles about a feature that's being implemented in the upcoming
release of Windows XP known as Full Raw Socket support. This feature has
existed in Unix based systems since 1981, and has become an exploitable
architecture for malicious hackers sending SYN floods to web servers.
While Unix based systems include security measures that unsuccessfully
attempt to prevent this, Windows XP includes no security measures at
all. Since I have no intention of purchasing Windows XP (for more
reasons than one), I am curious about Debian.

Does the Linux kernel also provide Full Raw Socket support? If it does,
what security measures are being provided by the Linux kernel and Debian
to reduce the ability of malicious hackers to exploit the architecture
(apart from the "root" privileges measure used by Unix)?

Please send your reply to nmenchise@optushome.com.au

Reply to:

Follow-Ups:
- Raw sockets (Re: Security Concern)
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: The Debian FAQ
Next by Date: [no subject]
Previous by thread: Re: The Debian FAQ
Next by thread: Raw sockets (Re: Security Concern)
Index(es):
- Date
- Thread