North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: The Death of TCP/IP
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> Raw socket support in NOT a bad thing. I wonder if Robert >> Cringely and Steve Gibson are friends. >> >True, Raw socket support alone is NOT a bad thing. Raw socket >support on >hundreds of thousands of hosts that have well known exploitable >holes that >can easily be used by any script kiddie to generate widespread DDOS >attacks >in a completely anonymous fashion little more than a downloaded >script are a bad thing. You'll notice he didn't rail against raw >socket >support >in NT, *Nix, etc. He railed against an OS with all the security of >Win3.1 >being given raw socket support. Not to flog a dead horse here, but if everyone would simply apply proper ingress/egress filters at their borders this would all be a moot point. It's hard to perpetrate an anonymous dDOS attack if the packets aren't making it out of the originating network...and given that this is, after all, a list for *network operators* it really shouldn't be necessary to continually point this out. Andrew -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO27aX9U0NpnwXzrpEQInuwCdE7Rg7F7/IQp7nYfhBGasSWabTcUAn0ke kqsNEwLckWCPIlWZB/bWLPxA =hEEn -----END PGP SIGNATURE-----
|