Author Topic: Latest MS Patch Disables Raw Sockets  (Read 10440 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Latest MS Patch Disables Raw Sockets
« Reply #15 on: April 28, 2005, 06:36:57 pm »
But they still shouldn't make it impossible to look after yourself!

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: Latest MS Patch Disables Raw Sockets
« Reply #16 on: April 30, 2005, 03:52:33 pm »
Question.

What in the HELL is a raw socket?
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: Latest MS Patch Disables Raw Sockets
« Reply #17 on: April 30, 2005, 04:22:02 pm »
Well, it's obviously not a well-done socket.
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: Latest MS Patch Disables Raw Sockets
« Reply #18 on: April 30, 2005, 05:25:44 pm »
Oh shut UP, Newby. So childish.

What's the non-food-defintion of a raw socket?
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Latest MS Patch Disables Raw Sockets
« Reply #19 on: May 01, 2005, 12:45:03 am »
A socket that doesn't force you to conform to some protocol (tcp, udp), lets you build your own packets.  It can be used to detect firewalls (sending invalid checksum), send to invalid ports, send with odd TCP flags, etc.


Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Latest MS Patch Disables Raw Sockets
« Reply #20 on: May 06, 2005, 06:11:11 pm »
So basically a TCP socket (lets forget UDP for now) that lets you send your own header?
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Latest MS Patch Disables Raw Sockets
« Reply #21 on: May 07, 2005, 03:00:13 am »
Not necessarely TCP or UDP or anything.  You can send whatever you want.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Latest MS Patch Disables Raw Sockets
« Reply #22 on: May 09, 2005, 02:28:42 pm »
Quote
   
One attendee criticized the move away from raw sockets as sacrificing legitimate security firms' needs in order to secure less knowledgeable users.

"We are a security company, a lot of people here sell security software -- if it's going to work under Microsoft a lot of that stuff needs raw sockets," said the attendee. "What happened with us is that it broke our customers' applications."

Microsoft currently tells companies that need raw sockets support to move their applications to Windows 2003, but will not promise that raw sockets will be available in that version of the operating system much longer. "People are either going to use Windows 2000 or, as we are considering doing, move over to Linux," he said.

Microsoft's Snyder said the company was in the midst of an internal debate over whether and how to continue support for raw sockets.

"There is a lot--a lot--a debate going on regarding raw sockets," she said. "I can't say what the resolution is going to be in the future, however."

http://www.securityfocus.com/news/11115