-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Raw socket support in NOT a bad thing. I wonder if Robert Cringely and Steve Gibson are friends.
True, Raw socket support alone is NOT a bad thing. Raw socket support on hundreds of thousands of hosts that have well known exploitable holes that can easily be used by any script kiddie to generate widespread DDOS attacks in a completely anonymous fashion little more than a downloaded script are a bad thing. You'll notice he didn't rail against raw socket support in NT, *Nix, etc. He railed against an OS with all the security of Win3.1 being given raw socket support.
Not to flog a dead horse here, but if everyone would simply apply proper ingress/egress filters at their borders this would all be a moot point. It's hard to perpetrate an anonymous dDOS attack if the packets aren't making it out of the originating network...and given that this is, after all, a list for *network operators* it really shouldn't be necessary to continually point this out. Andrew -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO27aX9U0NpnwXzrpEQInuwCdE7Rg7F7/IQp7nYfhBGasSWabTcUAn0ke kqsNEwLckWCPIlWZB/bWLPxA =hEEn -----END PGP SIGNATURE-----