By Glenn Hefley
So far this has not been a very good year for Microsoft on the security front, and it is still January. The latest in the list of security holes comes to us through the wireless connection software in XP and other Windows OS systems.
Typically these systems would be laptops, as the hacker or exploiter needs to be in range of the system in order to make use of the security hole. Also, from the description put out regarding the exploit, the system should not already be connected to a network.
The security hole was demonstrated at the annual US hacker convention, known as ShmooCon, held in Washington D.C. Claiming credit for the find is Mark Loveless, a senior security researcher for Vernier Threat Labs.
While traveling on flights with other laptop toting passengers, Mr. Loveless admitted that he tested the vulnerability several times. If the other laptop is running the Windows 2000 or Windows XP OS, and doesn't have a firewall, then a connection between the two computers can be established, and the hacker can browse through the other laptops files directories.
The vulnerability is related to the operating system's built-in wireless capabilities, which can be configured for searching any available wireless connections on start up. If no wireless link is detected at that time, an ad-hoc link is set up to a local link address. To exploit this, a network connection on a different computer is configured so that it has the same network name as the targeted computer. With this being done, the two computers now "associate" each other on the same LAN, giving complete access to the target computer from the hacker computer.
Microsoft has known about this exploitable "feature" for some time, as the specifications for it are documented in the technical manual named "RFC 3927", co-authered by Microsoft employee, B. Aboba. Why it was not addressed in the past is currently not know, and Microsoft is not making any comment on the issue other than announcing that they are aware of the problem and a release fix is scheduled with the next service pack.
Until that time, here are some other suggestions for protecting your laptop from unwanted intrusions. First, and foremost, the intrusion can only be made if your laptop is not running a firewall. XP comes with a firewall package, and while it has only the most basic features of a firewall, it is enough to keep this vulnerability from being successful. Any laptop owner should have the basics setup on their computer. The second suggestion is to change your laptop's wireless card setting so it allows connections only from "infrastructure networks". One more suggestion would be to turn off your laptop's wireless network card when you are not using it.
If you decide that the Windows Firewall is not enough for your needs, then you might want to take a look at Zone Alarm. Zone Alarm is a nice firewall system, runs smoothly in the background and has a small footprint on you computer resources. Zone Alarm also has a free version which you can download from their website and see how you like it before purchasing the full version.
There is also one called Black Ice which has received some good reviews. Again they offer a free version for demonstration purposes.
You can find out more about firewalls on the Firewall Guide website.
This article may not be copied or distributed in part or in full from this site and is copyright D24 Media Limited.
|
