Re: Raw Sockets in WinXP

From: Jim (mlist@budget.co.nz)
Date: 07/27/01 

Message-ID: <001f01c11626$40aafac0$0f01a8c0@jimamd>
From: "Jim" <mlist@budget.co.nz>
To: <SECURITY-BASICS@SECURITYFOCUS.COM>
Subject: Re: Raw Sockets in WinXP 
Date: Fri, 27 Jul 2001 10:56:48 +1200

> I'm curious.. Presuming XP is similar to NT in that normal user accounts
> are not the same as admin accounts, and it can be configured so that only
> admin accounts can do things like install drivers or otherwise modify the
> system, could Microsoft set things up so that only accounts specificly
> granted the rights to do so could open raw sockets?

This could definitely be done. Whether it would solve the problem people
are complaining about, I don't know. Given the huge number of
vulnerabilities in MS OS's, getting access to a priveledged account in order
to create the raw sockets would probably not be an issue, merely another
step on the way. I'm assuming the ability to create raw sockets wouldn't be
restricted for an administrator, which would likely be the first account to
be cracked anyway.

> This would allow apps that need raw sockets (which are generally few and
> far between for regular users) the capability without giving every trojan
> the same ability.

If the ability is there, people will find a way to use it and exploit it.

> Surely the folks at microsoft have thought of this solution. Do they
> simply not care? Have they said that they won't do this?

I'm not sure that Microsoft don't CARE about security, but it's certainly
not foremost in their mind when they design their products.

-----------------------------------------------
This message is confidential. If you are not the intended recipient you must not read or do anything else with this message.
If you have received this message in error please notify us immediately by return email and destroy this email. Thank you.

Relevant Pages

  • Re: Raw Sockets in WinXP
    ... Subject: Raw Sockets in WinXP ... Presuming XP is similar to NT in that normal user accounts ... >> are not the same as admin accounts, and it can be configured so that only ... could Microsoft set things up so that only accounts specificly ...
    (Security-Basics)
  • RE: Policy enforcement- Admin accounts
    ... GPO on an OU, so you can set a different password policy. ... Subject: Policy enforcement- Admin accounts ...
    (Security-Basics)
  • Re: Minimum password requirements
    ... but this is based on my experiences with a variety ... This would be all admin accounts, ... reason they want to change the password every day I'd let them. ... Ripper/etc to audit the passwords on admin accounts (which is a mixed ...
    (Security-Basics)
  • Welcome screen doesnt allow logins.
    ... I have only two accounts on my machine: Admin and a User account. ... When i logout of User or Admin accounts and get to the Welcome screen, ... The logon white boxes are there, but i cannot type my password inside of them. ...
    (microsoft.public.windowsxp.help_and_support)
  • Users cannot use printer/scanner/sound?
    ... accounts only in admin accounts, ... patched it for win2000 and it worked in admin mode) works ... compatibility cause the device not to work in user mode? ...
    (microsoft.public.windowsxp.security_admin)