
[OT] raw TCP/IP sockets?



Hello.

I've included a snippet of an exchange regarding the "raw TCP/IP socket"
issue that Cringley (IIRC) was talking about in that article from a few
weeks back.  Could someone please comment on whether I've understood
this correctly?  I never got a reply to my response.

>>  With the Berkeley Sockets TCPIP (ie Linux, BSD, Solaris, ...) you can
>> build a complete IP packet and send it down to the network card
>> (ethernet) for transmission. You need to be root, but you can do it.
>> 
>>  Windows TCPIP currently doesn't allow this. You send the data packet
>> plus headers for it to assemble and it doesn't allow the user to set
>> the source IP.
>> 
>>  So all those denial of service attacks launched from Windows
>> machines are traceable from the target. Now enter a world where you
>> would have to check every upstream router to trace back to the
>> sources. 

> So let me see if I understand all of this correctly.  With windoze XP
> having "raw" TCP/IP sockets (like *nix), but which do _not_ require su
> privs to access (unlike *nix), any user can spoof IPs?  Thus an app
> (read worm) can have IP spoofing abilities without needing suid root
> on execution?

TIA,
Mike Pfleger

There's seventy brilliant people on earth.
Where are they hiding?
"Yashar" -Cabaret Voltaire (off of "2x45")