Bugtraq mailing list archives
Re: NT security et al (Dangers of NetBIOS/NBT?)
From: coxa () cableol net (Alan Cox)
Date: Fri, 27 Sep 1996 09:17:34 +0100
I've read fairly similar sentiments about having NetBIOS or NBT floating = around on our internet/firewall subnets, but I've not heard anyone = discussing exactly what the dangers of this are. There are obvious = 'pain's in the butt' when this is happening (such as lots of unnecessary = deny messages logged against firewall bastion or router logs), but = that's about all... Can some one expand in detail what the known or = perceived dangers of NetBIOS or NBT are?
o Windows 3.11 has share bugs microsoft will never apparently fix, whereby any share allows the whole disk to be accessed by using a ../../.. type construct and the smbfs client code. o Early windows 95 seems to have the same bug. In both cases this can be a disaster as the windows .PWL files up until the latest Win95 patches are trivially crackable o Windows NT apparently has a bug whereby users can erase the entire NT server disk in the default NT configuration o There is no encryption of data, so all the usual spoofing attacks work o There are ways to trip the clients into doing plain text password authentications (Yum yum ;)) o There is no failed authentication logging on windows, so a dictionary attack can run all week and there won't be so much as a blip in the logs All of these are exploitable over TCP/IP as well. Very handy for breaking into Windows 95 machines on a remote network and adding a binary and changing autoexec. Whether you block outgoing netbios sessions is an open question, blocking incoming ones is a forgone conclusion. Novell netware is only slightly more secure, you do get some protection if that is suitably set up, but users can bring down Novell 3 servers by sending a suitable packet, and can really mess around by broadcasting fake license messages. Since Novell has directed broadcast that can be done across IPX backbones. Alan
Current thread:
- Re: NT security et al (Dangers of NetBIOS/NBT?) Nick and Debbie Leask (Sep 26)
- Re: NT security et al (Dangers of NetBIOS/NBT?) Alan Cox (Sep 27)
- <Possible follow-ups>
- Re: NT security et al (Dangers of NetBIOS/NBT?) Jacob Langseth (Sep 27)
- Re: NT security et al (Dangers of NetBIOS/NBT?) Dan Shearer (Sep 27)
- Re: NT security et al (Dangers of NetBIOS/NBT?) Scriptors of DOOM (Sep 27)