>Jerry,
>
>I don't know where you saw it, but I did read about this problems on Gibson Research's web site:
>
>http://grc.com/dos/sockettome.htm
>
>Is a link where Steve Gibson talks about the horrors that could be inflicted on us due to MS's ignorance.


I've seen that. Microsoft has an opposite opinion, as you would expect. And, not being able to see their code, one can only run external tests to see if such problems would occur. If Gibson can create exploits, and he is not the brightest bulb in the box, you can rest assured other, more talented people are exploiting them to the max. I have often wondered if there was a relationship to the appearance of these bugs and the intrusion into Microsoft's intranet last summer. It would have taken about 6-10 months to scan code for weaknesses and test them out.

I saw today that an ISP was sending shutdown notices to groups of their users who ignored the Nimda warnings and avice and have refused to patch their IIS servers. If more ISPs would do that it would go along way to squashing these Microsoft centric viri, worms and trojans. The bandwidth consumed by their constant scanning had made a noticable dent in the speed of the internet and was effecting everyone, regardless of the OS they are using.



>
>And to think I'm usually the one defending MS's practices. But not in this case. It most certainly appears they need to get some more security experts assigned to the MS campus.
>
>PF
>
>>
>>I've heard that script kiddies will find it easier to spoof packets and bomb the internet in increasing numbers, if that is possible.