Steve Gibson, GRC and "nanoprobes"


In 2000, Steve Gibson wrote a lengthy article about his new technology he dubbed "nanoprobes". This came with a load of press, improbably claims and a lot of skepticism from the security community. The first page should raise suspicion with the over-use of words like "custom" (especially applied to an RFC-based protocol standard), and "super-hardened" as applied to a "custom TCP protocol" implementation.

Gibson goes on to talk about how he made a TCP/IP stack that is not vulnerable to exhaustion based DoS attacks. One might think that a "super-hardened" TCP/IP stack that is incapable of succumbing to DoS attacks might be adopted all over. Yet, it hasn't. Nanoprobes supposedly have the ability to penetrate "stealth technology", bypass the security of firewalls or NAT devices and more. Yet, these techniques haven't been reproduced to the degree Gibson claims in the ten years since publication. More importantly, manipulating packets in the manner he describes would not bypass anything, rather, they would be dropped by most devices.

For more amusing observations about Nanoprobes, read through the extensive Slashdot discussion.

main page ATTRITION feedback