> Just a quick question about those in the know about Windoze raw sockets
and
> firewalls. I've asked several firewall suppliers (Tiny, etc) how their
> products cope with raw sockets, i.e. whether the firewall covers only the
> TCP/IP stack or whether they make some attempt to protect against raw
> socket accesses, too. None of them are forthcoming on this issue which
only
> leads me to think that they do not protect and that you are quite exposed
> on a raw socket system, in terms of trojans/spyware/etc even with such a
> firewall (ok, yes, you are exposed anyway as it is not difficult to send
> data out via browsers and such like but that is another issue).

Raw sockets (on your pc) are not a threat to *your* computer.  They are a
serious threat to the rest of the world.  Unfortunately, most routers and
personal firewall systems don't seem to care if the source ip address is
believable.  If ISP's would only implement some simple filtering, ip address
spoofing would become allot less effective.  MS demonstrated 0
responsibility in addressing the issues that raw sockets present.  In
distributed DOS attacks, there is no way to protect yourself from spoof
attacks and still remain on the internet.  If you can't tell the "good guys"
from the "bad guys" there's not much you can do to filter out the bad ones.

> Anyone have any comments on this subject, preferably minus ones involving
> "switch to Linux/*nix" ;-)?

I won't say it then. ;-)

> Regards,
> Dan

--
http://www.piclist.com hint: PICList Posts must start with ONE topic:
[PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads