The Death of TCP/IP

andrew2 at one.net
Mon Aug 6 17:56:47 UTC 2001


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>> Raw socket support is NOT a bad thing.  I wonder if Robert
>> Cringely and Steve Gibson are friends.
>>
>True, Raw socket support alone is NOT a bad thing.  Raw socket support on
>hundreds of thousands of hosts that have well-known exploitable holes that
>can easily be used by any script kiddie to generate widespread DDOS attacks
>in a completely anonymous fashion with little more than a downloaded
>script is a bad thing.  You'll notice he didn't rail against raw socket
>support in NT, *Nix, etc.  He railed against an OS with all the security of
>Win3.1 being given raw socket support.

Not to flog a dead horse here, but if everyone would simply apply
proper ingress/egress filters at their borders this would all be a
moot point.  It's hard to perpetrate an anonymous dDOS attack if the
packets aren't making it out of the originating network...and given
that this is, after all, a list for *network operators* it really
shouldn't be necessary to continually point this out.

Andrew

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO27aX9U0NpnwXzrpEQInuwCdE7Rg7F7/IQp7nYfhBGasSWabTcUAn0ke
kqsNEwLckWCPIlWZB/bWLPxA
=hEEn
-----END PGP SIGNATURE-----
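
The border check this reply argues for, sketched as an added example that is not part of the original message: a packet leaving the site is forwarded only if its source address belongs to the site, and a packet arriving from outside is dropped if it claims a site address as its source. The prefixes, packets and function names are constructed for illustration (documentation address ranges), not taken from the thread.

```python
import ipaddress

# Constructed site allocation (documentation prefixes, assumed for the example).
SITE_PREFIXES = [ipaddress.ip_network(p) for p in
                 ("192.0.2.0/24", "198.51.100.0/24", "2001:db8:100::/48")]


def in_site(addr):
    """True if addr falls inside one of the site's own prefixes."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in SITE_PREFIXES)


def border_verdict(direction, src):
    """Return 'forward' or 'drop' for a packet crossing the site border."""
    local = in_site(src)
    if direction == "egress":
        # Leaving the site: the source must be an address the site owns,
        # otherwise the packet carries a forged or unallocated source.
        return "forward" if local else "drop"
    if direction == "ingress":
        # Arriving from outside: nothing external may claim a site address.
        return "drop" if local else "forward"
    raise ValueError("direction must be 'egress' or 'ingress'")


def filter_border(packets):
    """Apply the border check to (direction, src, dst) tuples."""
    return [(pkt, border_verdict(pkt[0], pkt[1])) for pkt in packets]


# Constructed sample traffic: (direction, source, destination).
SAMPLE = [
    ("egress", "192.0.2.10", "203.0.113.5"),          # genuine site host
    ("egress", "10.1.2.3", "203.0.113.5"),            # source not allocated to the site
    ("egress", "203.0.113.77", "203.0.113.5"),        # forged as another network's host
    ("egress", "2001:db8:100::25", "2001:db8:ffff::1"),
    ("ingress", "203.0.113.9", "192.0.2.10"),         # ordinary inbound traffic
    ("ingress", "198.51.100.20", "192.0.2.10"),       # outside packet claiming a site source
]

if __name__ == "__main__":
    for pkt, verdict in filter_border(SAMPLE):
        print(f"{pkt[0]:8} {pkt[1]:20} -> {pkt[2]:18} {verdict}")
```

On a real border this decision is made by the router's or firewall's source-address filter; the Python only models which packets that filter lets through.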



