

The Strange Tale of DoS Attacks Against GRC.COM (2001) - Hoff
http://www.crime-research.org/library/grcdos.pdf

======
tptacek
I'm not sure but I think this is the crack-addled post that started the GRC
"raw sockets are evil" meme.

GRC, if you aren't familiar, enjoys a reputation as something of an old crank
in the security industry. Imagine if Dvorak shifted his focus entirely to
Internet security and learned enough Visual Basic to write Windows utilities,
and you've got the flavor.

One of Steve Gibson's pet controversies is the notion that raw sockets are a
terrible flaw, because they allow attackers to spoof packets. When Win32 added
them to the "official" API, he campaigned loudly against them and predicted a
catastrophe based on Windows DDoS tools.

This is, of course, a retarded idea. There's a whole menagerie of
off-the-shelf facilities programmers can use to get raw packets onto the wire,
from drivers like WinPcap to entire embedded stacks like lwIP, which is what
BluePill uses. Singling out raw sockets is unproductive, and speaks to a real
lack of understanding of how operating systems actually work.

~~~
wglb
Yes, this is the post that started his ill-informed crusade.

One minor thing--he proudly wrote most of his little utilities in assembler as
somehow they were pure.

------
ax0n
Whenever someone starts a sentence with "Steve Gibson says..." I usually kick
them in the nuts and run away.

------
pronoiac
If you would rather read it as a webpage:

[http://web.archive.org/web/20010605024447/http://grc.com/dos...](http://web.archive.org/web/20010605024447/http://grc.com/dos/grcdos.htm)

