Slashdot Mirror


TCP/MS, We'll Cure What Ails You

Cringely can string some words together from time to time, and this week's installment is a pretty good one. He's been reading a little too much Gibson (raw sockets have nothing to do with the spread of MSTD's), but overall, he's probably right. When the time is ripe, I think we'll see a move exactly like this.

5 of 478 comments

  1. Re:Already been done... by sigwinch · · Score: 3, Funny
    This whole article is a red herring, and Cringely's about as technically literate as a door knob.
    I've stayed in hotels that have a computer in each door knob. I think you're overestimating Cringely's skills.
    --
    Kuro5hin.org: where the good times never end. ;-)

  2. Re:Gibson wrote zone alarm? by jeremy+f · · Score: 5, Funny

    Gibson constantly plugs Zone Alarm, so it's not surprising that people who don't read carefully would think that Zone Alarm is a GRC product, not a Zone Labs product.

    If Gibson wrote Zone Alarm, it'd look as ugly as hell, have lots of BIG and alternating fonts, but be less than 300k in size, written in ASM, and fast as hell.

  3. Re:Raw Sockets == IP packet spoofing by mimbleton · · Score: 3, Funny

    So is 99% of personal Linux installations.
    What's your point?

  4. Gibson wrote zone alarm? by Safety+Cap · · Score: 4, Funny
    By default, under this scenario, your PC becomes a TCP/IP read-only device. By running applications like Gibson's Zone Alarm you can -- right now -- severely limit the use of TCP/IP by applications on your PC

    I didn't know Steve Gibson wrote Zone Alarm. When did this happen? What happened to Zone Labs?!

    --
    Yeah, right.
  5. Not necessarily by marm · · Score: 5, Funny

    If these attacks used spoofed IP packets, there would be no easy defense.

    Except for if every damn net admin would WAKE UP and SMELL THE COFFEE and IMPLEMENT EGRESS FILTERING or SOURCE ROUTE VERIFICATION or whatever your router calls it.

    If you have a router built within the last 5 years, I can pretty much guarantee you it supports it. So turn it on already!

    If every border router on the internet used it, we could stamp out IP address spoofing overnight. No magic about it. All the border router has to do is check that the source address of the packet is within the range of addresses that it 'owns'. If it isn't, drop it, and log the MAC address so that it can be traced.

    Easy huh? Any router worth its salt can do it, so...

    Please!?!? What does it take to convince you?
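
The source-address check described in marm's comment above, modelled as an added example that is not part of the thread or of any router's own code: outbound packets whose source address is outside the prefixes the site owns are dropped and the sending MAC is logged. The prefixes, MAC addresses, packets and the names `Frame`, `source_is_owned` and `egress_filter` are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed prefixes (documentation ranges), assumed to be the address
# space this border router "owns".
OWNED_PREFIXES = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.0/25"),
    ipaddress.ip_network("2001:db8:10::/48"),
]

@dataclass(frozen=True)
class Frame:
    src_mac: str  # MAC of the inside host that handed the packet to the router
    src_ip: str   # source address claimed in the IP header
    dst_ip: str

def source_is_owned(src_ip, prefixes=OWNED_PREFIXES):
    """True only if src_ip parses and falls inside an owned prefix."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False  # unparseable source address: treat as spoofed
    # Only compare against prefixes of the same IP version.
    return any(addr.version == net.version and addr in net for net in prefixes)

def egress_filter(frames, prefixes=OWNED_PREFIXES):
    """Split outbound frames into (forwarded, drop_log)."""
    forwarded, drop_log = [], []
    for f in frames:
        if source_is_owned(f.src_ip, prefixes):
            forwarded.append(f)
        else:
            # Record the MAC so the offending inside host can be traced.
            drop_log.append({"src_mac": f.src_mac, "claimed_src": f.src_ip,
                             "dst": f.dst_ip})
    return forwarded, drop_log

# Constructed sample of traffic leaving the site.
SAMPLE = [
    Frame("02:00:00:00:00:01", "192.0.2.17", "203.0.113.5"),      # legitimate
    Frame("02:00:00:00:00:02", "203.0.113.99", "203.0.113.5"),    # not ours
    Frame("02:00:00:00:00:03", "198.51.100.200", "203.0.113.5"),  # outside the /25
    Frame("02:00:00:00:00:04", "2001:db8:10::7", "2001:db8:ffff::1"),
    Frame("02:00:00:00:00:02", "10.1.2.3", "203.0.113.5"),        # private range
]

if __name__ == "__main__":
    ok, dropped = egress_filter(SAMPLE)
    print(f"forwarded {len(ok)}, dropped {len(dropped)}")
    for entry in dropped:
        print("DROP", entry)
```

The third sample frame shows why the prefix length matters: the address looks local but sits outside the owned /25, so it is dropped like any other foreign source.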