Somewhere Steve Gibson is smiling

Nmap, the widely used scanning tool, does not work under XP SP2. Of course there are those who will say that Nmap has never worked under Windows, that it's a bastardized port of a good UNIX tool. They may be right, but it was a good scanner.
On a Microsoft XP SP beta newsgroup the following was posted:
“We have removed support for TCP sends over RAW sockets in SP2.
We surveyed applications and found the only apps using this on XP were
people writing attack tools.”
Fyodor has posted that since he has a port for Windows 95 he can do it without raw sockets, but he’s working on other things right now.
Gibson’s press campaign to gain notoriety, um I mean warn people about the HORROR of Raw Sockets in XP has finally borne fruit and support for TCP Raw Sockets has been removed by Microsoft. In June 2001 Gibson warned that complete Internet meltdown was imminent if Windows XP were allowed to exist with raw sockets. Gibson is right, zombie attacks are dangerous. But I don’t mean 0wn3d Windows XP boxes, I mean an army of zombie followers who uncritically click on a “tell Microsoft to remove raw sockets” link.
So we can all breathe a huge sigh of relief. The scourge of TCP raw sockets has been lifted. Of course Gibson must have publicity, so I guess he’ll say that step was worthless without removing UDP raw socket support as well.
Whether the raw socket “problem” is solved really isn’t the point. Raw sockets never were a problem if ISPs performed proper egress filtering. Removal of raw socket support from one Operating System is insignificant when other Operating Systems support it.
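The egress-filtering point above, as an added example that is not part of the original post: a sketch of source-address validation at an ISP edge, which drops forged-source packets whatever OS or library produced them. The port names, prefixes and packets are constructed for illustration.

```python
import ipaddress

# Constructed sample data: prefixes the ISP assigned to each customer-facing port.
ASSIGNED = {
    "cust-a": ["192.0.2.0/25"],
    "cust-b": ["198.51.100.0/24", "2001:db8:b::/48"],
}

def build_table(assigned):
    """Parse prefix strings once so each packet check is a cheap membership test."""
    return {port: [ipaddress.ip_network(p) for p in prefixes]
            for port, prefixes in assigned.items()}

def permit(table, port, src):
    """True if a packet entering on `port` carries a source assigned to that port."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source address: drop
    # A port with no assignment has an empty prefix list, so everything is dropped.
    return any(addr.version == net.version and addr in net
               for net in table.get(port, []))

def filter_egress(table, packets):
    """Split packets into (forwarded, dropped) by source-address validation only."""
    forwarded, dropped = [], []
    for pkt in packets:
        (forwarded if permit(table, pkt["port"], pkt["src"]) else dropped).append(pkt)
    return forwarded, dropped

# Constructed packets. The filter sees only the header, so it makes no difference
# whether the sender used raw sockets, WinPcap, or a different operating system.
PACKETS = [
    {"port": "cust-a", "src": "192.0.2.10"},     # legitimate
    {"port": "cust-a", "src": "203.0.113.7"},    # forged, outside any assignment
    {"port": "cust-a", "src": "198.51.100.5"},   # forged, a neighbour's prefix
    {"port": "cust-a", "src": "192.0.2.200"},    # same /24 but outside the /25
    {"port": "cust-b", "src": "2001:db8:b::1"},  # legitimate IPv6
    {"port": "cust-c", "src": "192.0.2.10"},     # port with no assignment
]

if __name__ == "__main__":
    fwd, drop = filter_egress(build_table(ASSIGNED), PACKETS)
    for p in fwd:
        print("forward", p["port"], p["src"])
    for p in drop:
        print("drop   ", p["port"], p["src"])
```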
I liked this post over at MSDN (from a user, not an employee):
You’re damned if you do and damned if you don’t. That’s what you get for being successful.
Notably, however, support for sends over raw sockets has been removed in SP2. There is absolutely nothing to stop a third party library such as WinPCap being installed to regain this ability, except running as a non-admin.
Steve Gibson is happy. However, has anything really been gained? No. Which only goes to indicate that MSFT were better off ignoring his advice in the first place.