-
Russell Mickler, Principal Consultant, has over 17 years of professional experience leading and managing IT organizations.
Prelude to a Hack
Written on December 27, 2008
Leave a Comment
|
Okay, so I’m on vacation and sitting at a resort when I decide to do a little network sniffing. I yanked out one of my tools called Look@Lan (http://www.lookatthelan.com/), and started scanning the open IP range of the wireless network that I’m connected to. I opened the scan wide across multiple subnets so it takes about five minutes.
Within that time, I capture about 19 connected IP’s, 13 of which are open Windows systems that appear with their NetBIOS (computer) name and IP address, and some basic information about the PC. Doing a port scan on a few of these machines, I can see the ports that they have open, and what kinds of services are listening. Finally, I walk up to the front door of an unprotected system: I type in a direct UNC (Universal Naming Convention) representation of one of the PC’s and I’m confronted with the system’s shared C: drive.
Wow, that was easy. I didn’t open the folder though – that would be trespassing; even my use of the Look@Lan tool is probably a violation of the Acceptable Use Policy I signed for access.
But here’s my point. Whenever you connect your system to a wireless network, your PC will likely advise you that you’re connecting to a public space. Hopefully, you’ve got a firewall enabled so that this kind of stuff can’t happen. To my tool, systems protected by a firewall appear as an IP address without subsequent information – I can’t read their O/S type, I can’t conduct a port scan, and I can’t determine their computer name.
Consequently, for these 9 systems without a firewall, I could start conducting some nasty casing and hacking – somebody who wanted to know more about these systems could pull out L0phtcrack or any other range of tools and begin monitoring it. Just the presence of a software firewall on the other systems renders my snooping null. I can see the IP’s, but I can’t really do much about it.
If you’re running Vista, you’re covered. If you’re running Windows XP, make sure that you’ve downloaded Service Pack 3. The native firewall is automatically installed. For extra free protection, download these three freebie applications:
1. Zonealarm (http://www.zonealarm.com/). A free firewall.
2. AVG (free.avg.com). A free antivirus and antispyware utility.
3. Malewarebytes (http://www.malewarebytes.com/). A free antispyware utility, more robust and thorough as a malware detector.
If Megan here (ahem – the PC whose front door I knocked on) was running Zonealarm or had a patched operating system, I couldn’t even get this far. Next time you’re connected to a public network, hopefully, you won’t be either…
R