An interface that has existed for over 30 years and is present in all versions of Windows, is still a serious security risk for businesses and users. Before warns security expert Perry Mertens . It involves the NetBIOS interface from 1983. NetBIOS stands for Network Basic Input Output System and is an interface that allows systems to communicate within a local network.
Over the years, several vulnerabilities in the protocol discovers and also abused, including spoofing attacks. The protocol does not use authentication and is therefore particularly vulnerable to spoofing. According to Mertens it is quite easy to perform NetBIOS spoofing attacks. An attacker only needs to connect to the local network or an open Wi-Fi network. Then catch his user ID and password hashes through all sorts of readily available tools on. These hashes are often crack again through other tools.
"This is the easiest way for an attacker to steal user data, just wait," Mertens says. Using the stolen data can allow an attacker access to personal data, applications and systems. Because of the risk of NetBIOS Mertens puts it even as a "30 year old forgotten backdoor in Windows". He advises organizations and suppliers alike to NetBIOS disable . Warning for NetBIOS is not new. Three years ago, the Internet Storm Center hole a similar warning off.
No comments:
Post a Comment