1996-12-04 - RE: IP address

Header Data

From: Internaut <unde0275@frank.mtsu.edu>
To: “‘cypherpunks@toad.com>
Message Hash: e1f009f99c2842a9c231b02d7907719da30d08d0e1f2babb06e01fa47a1ab7e9
Message ID: <01BBE19A.A32BF200@s22-pm03.tnstate.campus.mci.net>
Reply To: N/A
UTC Datetime: 1996-12-04 10:22:12 UTC
Raw Date: Wed, 4 Dec 1996 02:22:12 -0800 (PST)

Raw message

From: Internaut <unde0275@frank.mtsu.edu>
Date: Wed, 4 Dec 1996 02:22:12 -0800 (PST)
To: "'cypherpunks@toad.com>
Subject: RE: IP address
Message-ID: <01BBE19A.A32BF200@s22-pm03.tnstate.campus.mci.net>
MIME-Version: 1.0
Content-Type: text/plain


Even greater than denial of service I believe that there are other threats.  Like I just found this file on c2.org (I believe it was) on using an IP address to explore somebody's hard drive under certain conditions.  

EXPORTING YOUR ENTIRE FILESYSTEM 

                                                Samba 

     When a Windows for Workgroups or Windows 95 machine shares any folder, bugs in Microsoft's SMB
     implementation over all network protocols allow access to the whole drive, with whatever permissions the sharename
     was given. These resources are advertised on a browse list that is made available to anyone on the local network by
     default, and to anyone on the Internet who knows the machine's IP address. Any user sharing any folder over TCP/IP
     without a password is opening the whole disk to the whole Internet (for those that can locate the machine) and those
     with a password should be aware that Windows has no protection against brute force attacks. SMBCLIENT, an
     ftp-style browser for any UNIX, plus a complete file system for Linux and a few UNIX versions, are available from the
     Samba web site. Please note that Samba's exploitation of this fundamental bug in Microsoft file sharing was
     unintentional, and was immediately reported to Microsoft. It could have happened with any client over any protocol. 

     An alleged fix for Windows for Workgroups was quietly released in early October, and Microsoft publicly announced a
     fix for Win95 on October 20th. It has not been rigorously tested, but it appears to fix the problem. The fix for Windows
     for Workgroups might not be a complete fix, but rather a patch for one way to exploit the problem. (The release version
     of Win95 prevented cd .. below the shared folder "root," but not cd ../) The patches and Microsoft press releases
     (which have been corrected at least twice, but which still erroneously identify Samba as shareware, neglect to credit the
     people who notified Microsoft of the problem, and neglect to mention that this is a fundamental bug in Windows, not a
     problem specific to TCP/IP or Samba) are available on Microsoft's Windows 95 Updates Page. The patch only works
     on the US/English version of Windows 95; at this writing, all non-English versions of Windows 95 are still vulnerable. 

Troy Varange wrote:
>	Well, the "danger" of posting a static IP must be even
>	greater than with a temporary IP.
>
>	Just call the police if you uncover a bonafide case of a
>	denial of service attack.  From what I gather, they take
>	this shit seriously, and have better capacities of
>	getting lazy admins to reveal the relevent data in their
>	logs.

I just have this gut feeling that sitting out here without any protection somebody could write something that could hook into a program, or even worse the system (i.e. Explorer).   Perhaps my fears are totally unfounded (besides above problem w/ samba), but I have not heard anyone say that one *is* secure.  -- Internaut
PS:  I am running win95 but feel free to answer this question for any os.





Thread