Thread: OT: MS Tried to Hack My Computer???
View Single Post
  #22  
Old August 15th, 2004, 02:30 AM
Sivran's Avatar

Sivran Sivran is offline
Sergeant
  
Join Date: Dec 2003
Posts: 251
Thanks: 0
Thanked 0 Times in 0 Posts
Sivran is on a distinguished road
Default Re: OT: MS Tried to Hack My Computer???
Quote:
Baron Munchausen said:
I am far from an expert myself. Of course, where Wind'ohs is concerned I doubt that anyone is an expert. We learn this every few days when a new Wind'ohs exploit is published.

The way Wind'ohs configures itself by 'default' -- or used to, it could be different now with Win 2000 and Win XP -- is for a LAN connection, meaning it installs a bunch of services for giving access to other computers to YOUR FILES. Not good for most people. That's what NETBIOS is about, sharing printers and files across a LAN.

It's not very difficult to fix, though. Anyone who can do the routine stuff you do to setup a dialup connection can fix this problem. Rather than type it all in myself I'll point you to the source at Gibson Research. He calls it 'Network Bondage' in a semi-humorous way because it's about protocol bindings...

http://www.grc.com/su-bondage.htm

You could find this same information from other sources, I'm sure, but that is the source I am familiar with. This is as good an explanation as any. All you need to do is follow the directions on clicking a few boxes, then reboot and you're much more secure than the default way that Wind'ohs is installed.

It wouldn't hurt to read the other pages in the 'Shields Up!' site, either.
You got it backwards. Windows 9x machines come pre-configured for <i>nothing at all</i>, which means freshly-installed, a 9x box is actually plenty secure. You have to add networking once it's up, and even then, once File and Print sharing is installed you <i>then</i> have to explicitly share your directories/drives. Only then will port 139 open up and expose your file system.

By contrast 2k and XP set up networking <i>during</i> installation, which can lead to infection prior to even completing the install if connected without a router between the computer and the big, nasty, wan.

And finally, GRC is a lot of hype (just look at Gibson's credentials. He's a <i>marketting</i> guy!). You're no safer under stealth than you are with closed ports, and perhaps more vulnerable--when your system fails to respond it could be red-flagged as a "newbie GRC reader." Disabling netbios over TCP and installing NetBEUI is also unnecessary assuming you're behind a firewall or router, though it is another layer of security. Routers will block netbios connection attempts without any configuring. A software firewall will have to be configured to only allow netbios from the lan, assuming you HAVE a lan you want to share files on. If not just configure the firewall to block any traffic to and from ports 137-139 for 9x/Me and also 445 for 2k/XP.
Reply With Quote