|
Vulnerability Development
mailing list archives
Re: Crack Office XP
From: H D Moore <hdm () secureaustin com>
Date: Mon, 11 Jun 2001 00:09:09 -0500
This is definately not an issue for the vuln-dev mailing list. So Win2K and
WinXP can spoof packets, so could Win9x/ME given the right code. It was
possible to send forged packets with win95 by accessing the raw modem device
(not as difficult as it sounds) and sending raw ppp packets (aggressor). You
could also forge packets by writing them at the NDIS layer, either by using a
custom packet driver or hooking into the TDI api. That Microsoft is finally
complying to the Winsock standard shouldn't be cause for people to get upset.
<rant>
This seems like yet another attempt for Mr Gibson to get press by
overreacting to a non-issue. Every single network project on his web site is
based on him "rediscovering" old problems, presenting himself as the leading
authority, and failing to do a good job of conveying the real threat. Take
his "nanopackets" project, where he describes an IP packet in binary context
which somehow makes it much more interesting than an IP packet in more
understandable format.
</rant>
-HD
On Sunday 10 June 2001 05:27 pm, ricardo_x wrote:
... just wanted to add my 2 cents:
folks,
regardless whether any progy/os is crackable or not (btw please add
office-xp to the list)
what I find incredible and a true issue to this newsgroup is micro$oft's
intention to 100% implement
the raw sockets specification. (see more info at Steve Gibson'
http://grc.com/dos/winxp.htm)
welcome to the jungle,
ricardo
 By Date 
By Thread
Current thread:
|
Intro
