Proxy 2.0 secure? (about ms protocol stack)

tqbf@pobox.com
Fri, 26 Jun 1998 01:00:19 -0500 (CDT)


> ms tcp/ip stack is substantially less mature than, say, unix' (both bsd
> & s5, i don't know what else is there to compare...).   ms stack seems
> particularly vulnerable to faulty ip fragments, and various malformed

We don't know this for sure. It happens that some of the most publicized
denial of service attacks on the Internet in recent history have affected
Windows NT; it also happens that people pay more attention to bugs that
affect Windows NT, and pay more attention to the fact that a given bug
affects Windows NT (when it may affect many other operating systems).

Windows NT certainly does not boast a mature TCP/IP stack --- read the
archives of the tcp-impl mailing list to see some of the world's most
authoritative TCP implementors explain why. However, the real reason why
it's reasonable to claim that Windows NT's stack is less secure than, say,
4.4BSD's, is that we don't have access to its source code. I'm no more
confident in AIX's (to name a large commercial Unix platform at random)
stack. 

Security software which has neither open source nor published peer review
results should not be trusted. Since the industry doesn't seem to want to
meet these criteria for (almost) ANY commercial security software, you
take what you can get.

-----------------------------------------------------------------------------
Thomas H. Ptacek	                   SNI Labs, Network Associates, Inc.
-----------------------------------------------------------------------------
http://www.pobox.com/~tqbf	 "If you're so special, why aren't you dead?"