Results 1 to 7 of 7

Thread: Open Ports

  1. #1
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Post Open Ports

    I decided to try Shield Test at http://grc.com on my mothers basic Windows 98 install with a dial up connection. She doesn't have a firewall, and I was really curious to see if her ports were at least closed. It turns out that only two of her ports that were tested were stealth. One, port 138, was wide open, and the rest were just closed. I think the test said that the open port was the NetBios port. What could a malicious user do to get through this security hole? What kind of things could happen if she left this unprotected? Trying to convince her to get a firewall is an impossible task.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    hey..
    the netbios vulnerability can give a malicious user access to the hard drive. If they get full access, then there is big trouble... as the malicous person could edit say, the autoexec.bat with a reference to a certain server.exe they have uploaded and next reboot, total control....

    If the person is just feeling cruel, and wants to cause some instant damage, they can just delete files from the computer...

    Disable File & Print Sharing over the dial up adapter..
    That should close the port for you... test it at grc.com again to be sure...
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    185

    Re: Open Port

    I believe that there is a quick and dirty on classic Windows Break and enter at http://www.urbanhacker.com . It goes over some nasties on NetBios I believe. As MattyCross said it is file and print sharing.

    If you have the same ISP as your mom, from your computer go to IE and just do \\hostname\C$ or \\hostname\admin$ (where hostname = your mom's computer name).

    Often Windows users have two shares wide open

    C$ and Admin$

    both of which allow a remote user to browse that system as if it were their own.

    Got to love that MS default security!
    Know this..., you may not by thyself in pride claim the Mantle of Wizardry; that way lies only Bogosity without End.

    Rather must you Become, and Become, and Become, until Hackers respect thy Power, and other Wizards hail thee as a Brother or Sister in Wisdom, and you wake up and realize that the Mantle hath lain unknown upon thy Shoulders since you knew not when.


  4. #4
    Or you might want to switch offf NetBios in your dial up settings.

  5. #5
    i too think that it's probably a virus or trojan under the name defrag

  6. #6
    sorry about that. i posted a reply to the wrong forum. anyways, no one can do anything as long as you're not running any shares.

  7. #7

    Cool

    Originally posted by Matty Cross
    hey..
    ...

    Disable File & Print Sharing over the dial up adapter..
    That should close the port for you... test it at grc.com again to be sure...
    I aggry with this ..

    Be Cool ..


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •