anyone use SocketLock?

SocketLock is a utility that prevents all users from having access to raw sockets. the author says its not meant for windows xp final but id like to know if anyone ever used this on xp without any noticeable side effect, problems, or complications. does this provide necessary security?

 

I've been using it on my computer for about a year and it has not hurt anything that I know of.

 

I wouldn't say it's necessary. Some worms and attackers have used raw sockets for DoS attacks, so it may limit the effect of a worm you may be infected with but it wouldn't do anything to prevent malware from getting in. If I remember correctly, XP SP2 fixes this anyway.

If you have XP and don't have SP2, however, you should be able to run it without problems, if you really want to.

 

ive tried running SocketToMe and afaik, SP2 still allows raw socket access to users.

 

I and a number of other people i know have had it installed for several years now.

No problems to report with using it, makes sense to have it rather than not i think.


StevieO

 

So even on XP SP2 this tool can be useful? Yes I know I´m paranoid.

 

yes it can still be useful i suppose.

i have it running and have yet to notice any ill effects.

 

Yes I use it also. I also think it is of value. It does what it says.

Here is my list of passive protection:

HostsMan 2.1, ScrpTrap 1.03, Harden-it 1.1.0.0, SocketLock 0.92, xp-AntiSpy v3.96 & Windows Worms Doors Cleaner 1.4.1.

 

It's useless on XP SP 2.

 

Why do you think it´s useless Fernando? You´re a so called expert (if I remember correctly) so I´m sure you can explain it to me.

 

Somebody's been paying too much attention to Steve Gibson and his "raw socket" BS. No matter how many security professionals call Gibson on his know-nothing nonsense, people continue to buy it. Just listen to him with Leo Laporte on a "Security Now" podcast. Poor Leo doesn't know enough about security to recognize when Gibson is talking in circles to hide his ignorance. I would venture there are dozens - if not hundreds - of people on this board who could run circles around Steve Gibson as far as true knowledge of computer security is concerned. The only term I can think of that fits is "fraud."

Gibson's claims that raw sockets were a point of attack for the Blaster Worm were completely unfounded. Though, if you read his Wikipedia entry, you'll see he (or somebody) continues to put this fallacy back into his Wikipedia entry. He no longer mentions that "raw sockets" would mean "the end of the Internet." His words, folks.

Please, don't worry about raw sockets. It only gives a security crank a smile. He deserves nothing more than a swift kick in the.....

If you're still worried, read a little truth at GRCSucks.com or The Rise & Fall of GRC.

 

SocketLock wasn't designed for XP etc so that's why it's not suitable ! It was written by Kevin McAleavey of BOCLean, and i don't doubt his knowledge or skills. So if he wrote it to bettter protect 98 etc, that's good enough for me.

On the Steve Gibson statement about Raw Sockets, the podcast on Browser Security included some more info about them and him.
__________________

QUOTE from grc.com

"Steve: Well, the big problem, of course, are not individual end-users who are doing this, but there are people whose computers are affected by these remote-control IRC bots.

Leo: right. We’re not worrying about Granny using raw sockets. But we’re worried about her computer being used by a bad guy and raw sockets.

Steve: Exactly. And then attacks being launched from her computer. And having the advantage of raw sockets means that it’s easier to produce a denial-of-service attack on other machines, which is virtually impossible, I mean, practically impossible to trace back. So I was really..."

http://www.grc.com/sn/SN-038.htm
____________________

Make your own minds up about it, but whatever some people say about him, i definately learned a lot from his website a few years ago on security etc, and still do !

StevieO