SocketToMe and SocketLock - Printable Version
+- ConCen (http://concen.org/forum)
+-- Forum: Main (/forum-4.html)
+--- Forum: Nerds & Geeks (/forum-27.html)
+--- Thread: SocketToMe and SocketLock (/thread-13865.html)
SocketToMe and SocketLock - Shinobi - 10-20-2007 06:06 AM
SocketToMe and SocketLock were created to clarify and demonstrate the feasibility of implementing a simple alteration in the way Microsoft is currently exposing abuse-prone raw sockets to typical Windows users.
Socket to me:
SocketToMe is a general purpose raw socket availability detector. It may be used by anyone on all past, present, and future versions of Microsoft Windows operating systems.
SocketToMe reveals the maximum raw socket access available to programs being executed by the logged on user.
Programs may either have no raw socket access, partial (safe) access, or full (unsafe) access.
Although SocketToMe can be used alone, it was created for use with its companion "SocketLock" tool.
SocketLock can be used by users of Windows 2000 or pre-release testers of Windows XP.
While the SocketLock device driver is installed, the system's privileged background services have unrestricted access to full raw sockets, but the programs executed by any users, regardless of their privilege, will be denied raw socket access.
SocketLock is not intended to be a solution to the problem of raw socket abuse under Windows XP because there is no way to get every Windows XP user to run the program. Instead, it demonstrates that, abuse-prone and dangerous raw sockets do NOT need to be exposed to the system's users.
How to: http://www.grc.com/dos/sockettome3.htm