Re: Crack Office XP

[H D Moore <hdm () secureaustin com>]

This is definately not an issue for the vuln-dev mailing list.  So Win2K and 
WinXP can spoof packets, so could Win9x/ME given the right code.  It was 
possible to send forged packets with win95 by accessing the raw modem device 
(not as difficult as it sounds) and sending raw ppp packets (aggressor).  You 
could also forge packets by writing them at the NDIS layer, either by using a 
custom packet driver or hooking into the TDI api.  That Microsoft is finally 
complying to the Winsock standard shouldn't be cause for people to get upset. 

<rant>
This seems like yet another attempt for Mr Gibson to get press by 
overreacting to a non-issue. Every single network project on his web site is 
based on him "rediscovering" old problems, presenting himself as the leading 
authority, and failing to do a good job of conveying the real threat.  Take 
his "nanopackets" project, where he describes an IP packet in binary context 
which somehow makes it much more interesting than an IP packet in more 
understandable format.  
</rant>

-HD

On Sunday 10 June 2001 05:27 pm, ricardo_x wrote:
> ... just wanted to add my 2 cents:
>
> folks,
> regardless whether any progy/os is crackable or not (btw please add
> office-xp to the list)
> what I find incredible and a true issue to this newsgroup is micro$oft's
> intention to 100% implement
> the raw sockets specification. (see more info at Steve Gibson'
> http://grc.com/dos/winxp.htm)
>
> welcome to the jungle,
>
> ricardo