Although the NetBIOS interface has been around for over 30 years it is still a problem for modern Windows computers. NetBIOS stands for Network Basic Input Output System and is an interface that allows systems to communicate within a local network.
The problem with NetBIOS is that it uses no form of security. On a local network, everyone can reply to NetBIOS request.Such request shall be sent if for example a website is being queried and the DNS (Domain Name System) is not working. In this case NetBIOS used as a fallback. An attacker on the network can respond to the request and that redirect user to another website, such as a website containing malware or a phishing site.
It is also possible to imitate hostnames and thus to steal login credentials via NetBIOS or the traffic of users, encrypted SSL traffic after, intercept and manipulate. According to security firm Kleissner & Associates NetBIOS is still supported everywhere. Even wifi routers in aircraft routing NetBIOS packets. The company advises users and administrators therefore to disable NetBIOS for all network adapters. Recently warned also another expert for the risks of NetBIOS.
No comments:
Post a Comment