Thanks to Lunarbicep for the heads up.
Posted on 01/16/2006 2:38:23 PM PST by ShadowAce
(CNET Networks Via Thomson Dialog NewsEdge)A Windows feature that automatically searches for Wi-Fi connections can be exploited by hackers, a security researcher has warned.
The feature is part of Windows XP and 2000 and was exposed as being vulnerable at hacker conference ShmooCon on Saturday by vulnerability researcher Mark Loveless.
Loveless claimed that hackers can take advantage of the feature to include a user's PC in a peer-to-peer network, giving them access to information on its hard drive.
When a PC running Windows XP or Windows 2000 boots up, it will automatically try to connect to a wireless network. If the computer can't set up a wireless connection, it will establish an ad hoc connection to a local address. This is assigned with an IP address and Windows associates this address with the SSID of the last wireless network it connected to.
The machine will then broadcast this SSID, looking to connect with other computers in the immediate area.
The danger arises if an attacker listens for computers that are broadcasting in this way, and creates a network connection of their own with that same SSID. This would allow the two machines to associate together, potentially giving the attacker access to files on the victim's PC.
Security experts contacted by ZDNet UK on Monday confirmed that the flaw exists, but said that it should not be a problem for those using firewalls.
Paul Wood, security analyst at MessageLabs indicated that users will probably be unaware that their computers have connected to the peer-to-peer network in such a way.
MessageLabs believes that users running Windows XP Service Pack 2 (SP2) are not at risk.
"This yet again is a wake-up call for those who haven't installed SP2. Any machines running a copy of XP without SP2 are saying 'Come and get me', as there are so many gaping threats," said Mark Sunner, chief technology officer at MessageLabs.
Get some protection
Experts recommended companies deploy a security policy, if one isn't already in place: "Any organization deploying a Wi-Fi network needs to implement a company security policy," said Sunner. "The potential victims are the road-warrior community. Does the in-house security department have a mechanism to check the visibility of remote machines?"
MessageLabs also recommended that individual telecommuters be given personal firewalls.
Individuals can also protect themselves by disabling Wi-Fi when not using it, said Greg Day, security analyst at McAfee.
MessageLabs advised the following:
"Users with Wi-Fi can disable the peer-to-peer facility by going to "Wireless Network Properties | Advanced | Network Access Point | Choose Infrastructure Networks Only," said Wood. "We recommend people only connect to infrastructure points, although some users may want to use peer-to-peer for head-to-head gaming and file sharing."
MessageLabs pointed out that system administrators can also mitigate the problem by blocking ports 135, 137, 138 and 139--which in Sunner's words "should be nailed shut already"--from accepting NetBIOS connections.
Day downplayed the potential of the attack: "Hackers are trying to class this as virus-like. You become part of the problem because your machine is now broadcasting on a peer-to-peer network. However, all this gives hackers is the ability to see other machines--they still have to write exploits. But if the user is patched or has a firewall, they are protected."
Sunner echoed those feelings: "I'm a purist, and for me the (virus) analogy is not rooted in reality. Could it be self-replicating? It's not really within the realms of possibility," said Sunner.
Criminal gangs were unlikely to target this flaw as it would be too labor-intensive to exploit, predicted MessageLabs, saying that it was "really a threat from script kiddies".
Microsoft did not immediately respond to a request for comment.
Thanks to Lunarbicep for the heads up.
I'm getting closer and closer to converting to Linux. Every piece of news like this moves me closer.
always turn off unneeded services, and this is one of them!!!
is this even news anymore. this is windows. another day another bug. Its like saying idiot posts on DU.
Windows IS a vulnerability or at least a liability.
Let's all encourage Iran, China, Russia, France, and North Korea to standardize on Windows...especially critical communications and defense systems.
BUMP!
This security risk is in the same vein as walking away from your laptop without at least locking the screen first - anyone can come by and spy on it when it is out of your physical possession. Proper habits and knowledge of how the technology works (even from a simple high-level perspective) makes this a complete non-issue.
The knuckleheads who complain about this particular security risk will be the first to scream when their laptop doesn't immediately connect to whatever Wi-Fi network they're attempting to access.
I always say, if you blindly rely on technology without even attempting to understand it first, don't be surprised when it bites you back.
Apparently, idiots post on FR too. Or are you splitting time?
I'm new to my computer. How do you lock the screen??? I
travel lots and leave my computer in hotel rooms all the time.
Please include me in your Tech Ping list. TIA.
in Windows XP, simply press CTRL-ALT-DEL and choose LOCK COMPUTER in the dialog box.
If you must move away from your machine while it is running, you can at least lock your screen or "password protect" Windows by hitting ctrl+alt+del and then clicking the Lock Computer button in the upper left hand corner of the Windows Security Dialog box. This works in Win2K and XP. It's the same thing as if you allowed your screen saver to come on, with the password protect option selected.
Cardinal rule for laptop users: Don't let your machine out of your sight while it's on and you're logged in, even for a minute. In all but the most trustworthy of environments, it will grow legs and walk away. If you leave it in your hotel room when you're on travel, out of site equals out of mind...lock it in the room safe if it will fit, or bury it in your suitcase between layers of clothes. Most laptop thefts are thefts of opportunity, so don't create the opportunity purposefully!
Finally, always back up your critical data and don't leave anything on your laptop that you or your company can't live without any longer than necessary.
Hope this helps...JK
No such option when I do that. There is shut down, stand by, hibernate, turn off, restart, log off, switch user. Any help would be appreciated.
What version of Windows do you have?
Thanks for the tips. I AM pretty careless--I use it mainly for browsing and emailing but my husband's business and personal finance stuff is on mine so that he has it
while we travel. I have been nervous about having this left unsecured. If I hit Ctl Alt Del I don't get the option of Lock the computer.
If you have a Windows key, pressing it and the L key at the same time locks your machine as well.
Windows XP with Service Pack 2.
huh? are you seriously claiming i am a DUmmie because i mock windows? you've got to be killing me.
That aside, as you claiming windows is secure? bwaahaha
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.