Bugtraq mailing list archives

Re: NT security et al (Dangers of NetBIOS/NBT?)


From: coxa () cableol net (Alan Cox)
Date: Fri, 27 Sep 1996 09:17:34 +0100


I've read fairly similar sentiments about having NetBIOS or NBT floating
around on our internet/firewall subnets, but I've not heard anyone
discussing exactly what the dangers of this are.  There are obvious
'pains in the butt' when this is happening (such as lots of unnecessary
deny messages logged against firewall bastion or router logs), but
that's about all...  Can someone expand in detail what the known or
perceived dangers of NetBIOS or NBT are?

o       Windows 3.11 has share bugs Microsoft will never apparently fix,
        whereby any share allows the whole disk to be accessed by using
        a ../../.. type construct and the smbfs client code.

o       Early windows 95 seems to have the same bug. In both cases this
        can be a disaster as the windows .PWL files up until the latest
        Win95 patches are trivially crackable

o       Windows NT apparently has a bug whereby users can erase the entire NT
        server disk in the default NT configuration

o       There is no encryption of data, so all the usual spoofing attacks work

o       There are ways to trip the clients into doing plain text password
        authentications (Yum yum ;))

o       There is no failed authentication logging on windows, so a dictionary
        attack can run all week and there won't be so much as a blip in the
        logs

All of these are exploitable over TCP/IP as well. Very handy for breaking into
Windows 95 machines on a remote network and adding a binary and changing
autoexec.

Whether you block outgoing NetBIOS sessions is an open question; blocking
incoming ones is a foregone conclusion.

Novell NetWare is only slightly more secure. You do get some protection
if that is suitably set up, but users can bring down Novell 3 servers by
sending a suitable packet, and can really mess around by broadcasting fake
license messages. Since Novell has directed broadcast, that can be done
across IPX backbones.

Alan
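The first two bullets above describe a share server that joins a client-supplied path onto the share root without confining the result, so a ../../.. path walks out of the share onto the whole disk. The following is an added example, not code from Alan's post or from any Microsoft or smbfs source: a toy share-path resolver written the naive way next to a confined version. The share root (/srv/share/public) and the function names are assumptions made for the demo; SMB clients send backslash-separated paths, so both versions normalise those first.

```python
"""Share path resolution: the traversal bug beside a confined version.

Added example for this thread, not taken from any real SMB server. The
share root below is made up; paths are handled with posixpath so the
behaviour is the same on every platform.
"""
import posixpath
from typing import Optional

SHARE_ROOT = "/srv/share/public"  # hypothetical export root for the demo


def client_to_posix(client_path: str) -> str:
    """SMB clients send backslash-separated paths; convert to '/' form."""
    return client_path.replace("\\", "/")


def resolve_naive(share_root: str, client_path: str) -> str:
    """Vulnerable: joins the client path onto the root and trusts the
    result. '..' segments are honoured, so the client can walk out of
    the share and name any file on the disk."""
    rel = client_to_posix(client_path).lstrip("/")
    return posixpath.normpath(posixpath.join(share_root, rel))


def resolve_confined(share_root: str, client_path: str) -> Optional[str]:
    """Hardened: canonicalise, then refuse anything that does not land
    on or strictly inside the share root. Returns None on rejection."""
    root = posixpath.normpath(share_root)
    rel = client_to_posix(client_path)
    # Absolute paths, drive letters and NUL bytes are never legitimate
    # share-relative names; reject them before any joining happens.
    if rel.startswith("/") or ":" in rel or "\0" in rel:
        return None
    full = posixpath.normpath(posixpath.join(root, rel))
    # The '/' suffix matters: without it, /srv/share/public2 would pass
    # the check for a root of /srv/share/public.
    if full != root and not full.startswith(root + "/"):
        return None
    return full


if __name__ == "__main__":
    probes = [
        "docs\\readme.txt",           # ordinary request
        "docs\\..\\docs\\notes.txt",  # harmless '..' that stays inside
        "..\\..\\..\\etc\\passwd",    # classic traversal
        "..\\public2\\secret",        # sibling-prefix escape
    ]
    for p in probes:
        print(f"{p!r:32} naive={resolve_naive(SHARE_ROOT, p)!r:40} "
              f"confined={resolve_confined(SHARE_ROOT, p)!r}")
```

The naive resolver happily returns /etc/passwd for the third probe; the confined one rejects it and the sibling-prefix case while still accepting the harmless inner `..`. The same shape of check (canonicalise first, then compare against the root with a trailing separator) applies to any server that maps client names onto a filesystem.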


