This is exactly why....

Page 2 of 2 Previous  1, 2

Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:07 pm

You'd be amazed at the complexity that goes into Microsoft's AD.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:08 pm

With replication, DNS, GlobalName Groups, Universal Groups. Domains, Forests, Trees, OUs.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:08 pm

I wonder if anyone has any idea what I'm talking about.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:09 pm

Usually once I start going off on my tangets about the things I'm learning in school, people just kinda start to smile and nod.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:09 pm

Which can be kinda sad. Because I think it's important to know about Computer Security.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:11 pm

Like if you go to the command prompt, and type in... "netstat -a -n", it'll give you a list of all the server's you're running. Anything that says "Listening" is actually a service that's acting as a server.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:12 pm

That means your basic, home OS (operating system) can be a server for someone else. You don't have to be running a Server OS
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:15 pm

Ports 137, 138, and 139 are ports for NetBIOs over TCP/IP. An antiquated system that Microsoft can't let go of because they based they're whole OS around computer names. (The name you actually give your computer when installing the OS)
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:16 pm

It allows people to pretty much do "Simple File and Print Sharing" via the internet, which uses the IP (Internet Protocol) suite. Which includes TCP (Transmission Control Protocol) for connection oriented transfers, and UDP (User Datagram Protocol) for short responses.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:18 pm

UDP is used when speed is the concern. Like port 123 NTP (Network Time Protocol [it's easy as 1, 2, 3]). It simply goes out to a defined server, which you can pick to use one other than Microsoft's defaults, and ask "What time is it?" Simple response of "3:17 PM" is sent back. Speed is important, not getting the info back, because it'll ask again in about 15 seconds or less.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:18 pm

But TCP ports 137, 138, and 139 are DANGEROUS to continue to allow to remain open.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:20 pm

This is because we DO NOT want to do "Simple File and Print Sharing" via the internet, because that means ANYONE who knows your PUBLIC facing IP address only has to do a few simple sweeps to get into your home computer.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:21 pm

What's even scarier than that? By default, every Windows OS... SHARES THE ENTIRE C: DRIVE BY DEFAULT AS A HIDDEN SHARE.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:23 pm

Which means anyone that knows this, could hit your public facing IP, do a few ping sweeps to see what IP responds back (this would be your private IP that the router gives you, usually 192.168.0.x or 192.168.1.x). This only is 508 possible IPs to sweep through and can be done in UNDER 15 MINUTES
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:24 pm

So they've got your public facing IP, they have your private IP, and they have YOUR ENTIRE C: drive which is where everything is saved by default, and the only place to save unless made it a point to partition your hard drive.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:26 pm

So Microsoft has given everyone that wants it a way into your entire computer, via the internet. Through ports 137, 138, and 139 TCP, they can get into your hidden C: drive share, and put in viruses, porn, or anything. Or take anything else they want. All the while you'd never know. They could even make the folders hidden and unless you have an option turned on, you'd never know it was there.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:28 pm

It seems like a simple enough fix, shut down NetBIOs over TCP/IP and everything solved, right? It's simple to do by clicking around your NIC and finding a few advanced properties.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:28 pm

Unfortunatly, Microsoft found out it was FAIRLY simple to turn this off. And suddenly was like... "Hmm... they should want this feature. I know, I'll just make it a new port".
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:29 pm

And with Windows XP with Service Pack 2, came the invention of..... Port 445. With port 445, the combined all those tacky ports of 137, 138, and 139 into one convient NIGHTMARE!
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:29 pm

Not only do you have NetBIOs over TCP/IP, which is a pain as I've already explained... Now you can't turn it off.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:30 pm

Going into your NIC and turning it off there only shuts downs ports 137, 138, and 139. Which are still opened by defaut on EVERY Windows Operating System.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:31 pm

It still leaves port 445 open. No big deal? You'll just go into the OS, maybe do a registry hack or even simpler shut it down on the firewall... WRONG!
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:32 pm

Shutting down port 445 can have SERIOUS and SEVERE consqeuenses on your OS. Crashes and instability will soon follow.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  CyrusKnyghtbane on Fri Apr 16, 2010 1:35 pm

Want more computer security tips? I'll start another rant in this section for it.
avatar
CyrusKnyghtbane
forum spammer

Posts : 279
Join date : 2010-03-28
Age : 31
Location : Derby City

View user profile

Back to top Go down

Re: This is exactly why....

Post  Sponsored content


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum