June 06, 2001, 8:15 AM — Windows XP, Microsoft Corp.'s forthcoming operating system, has the potential to escalate Denial of Service (DoS) attacks to a level never before seen, according to a computer security researcher.
Windows XP, set to be released on Oct. 25, is more open to being used in DoS attacks than previous versions of Windows because Microsoft has fully implemented a networking technology called Unix Sockets, according to Steve Gibson, founder and owner of Gibson Research Corp., a computer security product maker.
Unix Sockets, long a standard part of Unix operating systems, has only recently been fully included in Windows, starting with Windows 2000 and now in XP, Gibson wrote in a piece on his Web site about DoS attacks that had been launched against his company by a 13-year-old.
DoS attacks can disable a Web server or other type of computer by bombarding it with a high volume of fake requests for information, causing the target computer to crash or become so overloaded that it grinds to a halt.
The implementation of Unix Sockets is troubling, Gibson wrote, because they are frequently used in two aspects of DoS attacks: falsifying IP (Internet Protocol) addresses, a technique called spoofing that makes the source of an attack harder to pinpoint, and allowing computers to flood other computers with certain types of traffic, in this case the kind of TCP (Transmission Control Protocol) packets that can bring down Web servers.
Using Unix Sockets in a consumer operating system like Windows XP is particularly dangerous because the combination of users who are not security experts, an insecure operating system and broadband Internet connections will likely lead to "an escalation of Internet terrorism the likes of which has never been seen before," Gibson wrote.
Windows XP systems will be targets for hackers to take over and use in DoS and Distributed DoS attacks (attacks in which multiple computers worldwide are taken over and used in an attack) because they will be both powerful and easy to break into, Gibson wrote. Computers can be taken over, or primed for use in such attacks, without their owners even knowing. Worms, such as those spread through e-mail, like the Lion worm, can contain hidden code that will allow a hacker access to the system when they want to launch a DoS attack.
When married with high-speed Internet connections, Windows XP systems could be used to launch a DoS attack beside which "the historical problems with Internet attacks promise to pale in comparison," Gibson wrote.