IP: Win95 A Hacker's Net Dream

[Dave Farber <farber () central cis upenn edu>]

Date: Fri, 10 Nov 1995 10:57:05 GMT
To: cypherpunks () toad com
From: cpunk () remail ecafe org (ECafe Anonymous Remailer)
Subject: Win95 A Hacker's Net Dream
Remailed-By: ECafe Anonymous Remailer
Complaints-To: complaints () remail ecafe org
X-Www: http://www.ecafe.org/~remail/
X-Notice: The contents of this message are neither appoved or
X-Notice: condoned by ecafe.org or our host Hypereality Systems.
X-Notice: We bear no liability for misuse of this system.
X-Warn: *** This message was remailed through an anonymous remailer ***
X-Warn:  *** Replying to it will not send your reply to the sender ***
Sender: owner-cypherpunks () toad com
Precedence: bulk


Windows 95 Is A Hacker's Dream Over The Internet




Central, Hong Kong, Nov 9 (NB) -- Windows 95, combined
with the Internet, could be a dream made in hacker
heaven. From seasoned propeller heads Newsbytes has
contacted, it looks like Windows 95 could be more of
a security nightmare than was first thought.


This is especially true where fixed link companies are
concerned. An investigation of the new operating system,
when hooked onto the Internet, leaves computers wide
open. Executing a series of simple, uncomplicated
commands opens up company and private users' computers to
hacking the moment they access the Internet, claim some
analysts.


Worse, they may never know it has been done. Using a
simple Unix command, a hacker can locate the IP (Internet
protocol) address of the subscriber logged into an
Internet service provider. Then he needs only one more
thing; a logged-on Internet user using Microsoft's new
operating system.


For businesses with leased line Internet links, it can
happen at any time, day or night. Once the IP address has
been noted, the hacker simply creates a file through DOS
on his own system, specifying the address and naming it.
Using two other commands -- which purge the remote names
on the IP, or Internet provider's port -- the system then
refreshes and remaps itself in preparation to be accessed
by the hacker's computer.


Because Windows 95 is designed with a networking
capability, it leaves all computers in the office open to
illegal access. Once the hacker has called up his Map
Network Drive, the hard disk on his own machine cannot be
differentiated from that of the genuine user. All that
need be done then is to put in a common drive name, most
obviously "C:\." For networked machines, the default "C$"
is common.


This gives access to all files on the subscriber's drive.
While Windows 95 allows the user to protect the drive by
giving it a password, computer experts Newsbytes talked
to said that device won't necessarily lock out intruders.
Because the operating system has no "audit" trail -- in
other words, it does not log who or how someone is
accessing the drive -- a hacker can spend weeks trying to
discover the password. Password search programs, like
Cracker, are readily available and can break through most
simple password sequences.


-----
--- end forwarded text