This is a real problem. It's not FUD. Microsofts choice to include full IP stack capabilities will make the problem worse, but I do not blame their IP stack for this like Mr Gibson does though.
Oh, it's most certainly a real problem, but I don't agree that the changes in Win XP will really make any difference whatsoever. With some very trivial driver additions, raw sockets can be accessed under any previous version of Windows, just like in XP. That's where the FUD comes in - Gibson, it seems, is just trying to drum up support for whatever his next big project is to magically make your computer safe.
What should we do?
Well, like has already been mentioned, somehow getting people to filter properly could help - we got hit by a (unrelated, we think) spoofed SYN flood a few days back. If that ISP had simply egress filtered their traffic, that person using a single machine (only guessing here) couldn't have sent their 200k/sec of spoofed SYN at us. I'm sure they could have found another way, but it would have made them work a little harder, and this type of person often doesn't want to bother with that extra little bit of work, and would just give up. Tim -- Tim Wilde twilde@dyndns.org Systems Administrator Dynamic DNS Network Services http://www.dyndns.org/