System intrusion in 15 seconds, that’s right it can be done. If
you possess certain security flaws your system can be broken
into in less that 15 seconds.
To begin this chapter I’d like you to do the following. Connect to
the Internet using your dial up account if you are on dial up. If
you are on dedicated service like High Speed connections (ie,
Cable and DSL) then just proceed with the steps below.
you possess certain security flaws your system can be broken
into in less that 15 seconds.
To begin this chapter I’d like you to do the following. Connect to
the Internet using your dial up account if you are on dial up. If
you are on dedicated service like High Speed connections (ie,
Cable and DSL) then just proceed with the steps below.
• Click Start
• Go to Run
• Click Run (It’s a step by step manual) :-)
• Type Winipcfg
• Hit the Enter Key
* For editorial reason the above info has been omitted *
What you should see under IP address is a number that looks
something like this.
207.175.1.1 (The number will be different.)
If you use Dial Up Internet Access then you will find your IP
address under PPP adapter. If you have dedicated access you
will find your IP address under another adapter name like (PCI
Busmaster, SMC Adapter, etc.) You can see a list by clicking
on the down arrow.
What you should see under IP address is a number that looks
something like this.
207.175.1.1 (The number will be different.)
If you use Dial Up Internet Access then you will find your IP
address under PPP adapter. If you have dedicated access you
will find your IP address under another adapter name like (PCI
Busmaster, SMC Adapter, etc.) You can see a list by clicking
on the down arrow.
Once you have the IP address write it down, then close that
window by clicking (OK) and do the following.
• Click Start
• Go to Run (Click on Run)
• Type command then Click OK
At this point you should see a screen
window by clicking (OK) and do the following.
• Click Start
• Go to Run (Click on Run)
• Type command then Click OK
At this point you should see a screen
Type the following at the Dos Prompt
• Nbtstat –A IP address
For example: nbtstat –A 207.175.1.1
(Please note that you must type the A in capitol letters.)
• Nbtstat –A IP address
For example: nbtstat –A 207.175.1.1
(Please note that you must type the A in capitol letters.)
I’ll show you now how that information can be used to gain
access to your system.
A potential hacker would do a scan on a range of IP address for
systems with “File and Printer Sharing” turned on. Once they
have encountered a system with sharing turned on the next step
would be to find out what is being shared.
This is how:
Net view \\<insert ip_address here>
Our potential hacker would then get a response that looks
something like this.
Shared resources at \\ip_address
Sharename Type Comment
MY DOCUMENTS Disk
TEMP Disk
The command was completed successfully.
This shows the hacker that his potential victim has their My
Documents Folder shared and their Temp directory shared. For
the hacker to then get access to those folders his next command
will be.
Net use x: \\<insert IP address here>\temp
If all goes well for the hacker, he/she will then get a response of
(The command was completed successfully.)
At this point the hacker now has access to the TEMP directory of
his victim.
Q. The approximate time it takes for the average hacker to do
this attack?
R. 15 seconds or less.
access to your system.
A potential hacker would do a scan on a range of IP address for
systems with “File and Printer Sharing” turned on. Once they
have encountered a system with sharing turned on the next step
would be to find out what is being shared.
This is how:
Net view \\<insert ip_address here>
Our potential hacker would then get a response that looks
something like this.
Shared resources at \\ip_address
Sharename Type Comment
MY DOCUMENTS Disk
TEMP Disk
The command was completed successfully.
This shows the hacker that his potential victim has their My
Documents Folder shared and their Temp directory shared. For
the hacker to then get access to those folders his next command
will be.
Net use x: \\<insert IP address here>\temp
If all goes well for the hacker, he/she will then get a response of
(The command was completed successfully.)
At this point the hacker now has access to the TEMP directory of
his victim.
Q. The approximate time it takes for the average hacker to do
this attack?
R. 15 seconds or less.
Not a lot of time to gain access to your machine is it? How many
of you had “File and Printer Sharing” turned on?
Ladies and Gentlemen: This is called a Netbios attack. If you are
running a home network then the chances are you have file and
printer sharing turned on. This may not be the case for all of you
but I’m sure there is quite a number of you who probably do. If
you are sharing resources please password protect the
directories.
Any shared directory you have on your system within your
network will have a hand holding the folder. Which looks like
this.
You can check to find which folders are shared through Windows
Explorer.
• Click On Start
• Scroll Up to Programs
At this point you will see a listing of all the different programs on
your system
Find Windows Explorer and look for any folders that look like the
above picture.
Once you have found those folders password protect them
of you had “File and Printer Sharing” turned on?
Ladies and Gentlemen: This is called a Netbios attack. If you are
running a home network then the chances are you have file and
printer sharing turned on. This may not be the case for all of you
but I’m sure there is quite a number of you who probably do. If
you are sharing resources please password protect the
directories.
Any shared directory you have on your system within your
network will have a hand holding the folder. Which looks like
this.
You can check to find which folders are shared through Windows
Explorer.
• Click On Start
• Scroll Up to Programs
At this point you will see a listing of all the different programs on
your system
Find Windows Explorer and look for any folders that look like the
above picture.
Once you have found those folders password protect them
No comments:
Post a Comment