Microsoft States Full TCP/IP Too Dangerous

daria42 writes "To fully implement the TCP/IP protocol in Windows XP would make creating denial of service attacks 'entirely too trivial', Microsoft has claimed. The company was responding to claims by Nmap author and well-known security expert Fyodor that by repeatedly disabling the ability to send TCP/IP packets via the 'raw sockets' avenue, Microsoft was asking the security community to 'pick their poison': either cripple their operating system or leave it open to hackers. Admitting that a recent security patch had intentionally disabled a community-developed workaround to Microsoft's TCP/IP changes - which were first implemented in Windows XP Service Pack 2 - the company claimed it had received little negative feedback on the issue."

No matter what MS does, people will complain

[harlows_monkeys]

Before XP, they did not support raw sockets, and they got blasted by Steve Gibson for adding support for them in XP.

So now they are getting blasted for taking them out.

Sounds like MS gets to choose: make Gibson happy, or make Fyodor happy.

So who uses windows to scan networks?

I mean really, I'm going to take a windows machine into a client's network to scan? I stand the double risk of having something happen to my machine or, worse, having my machine do something to their network.

OpenBSD on laptop, loaded with required software, not even sshd running, means acceptable risk for both of us, and lower risk of heart-attack for me.

Re:News Flash: Butter is good on toast!

[cortana]

Yup. The only solution is to design the OS correctly in the first place. Unfortunatly MS missed the boat on that by about 11 years, and we're all still paying for it.