At 09:50 AM 1/4/00 -0400, Mike MacKinnon, Michelle McHugh wrote: >>>> <excerpt><smaller>I consider this completely non-technical, but I have seen it overlooked many times. If you have a permanent internet connection like DSL modem, and you have read\write access to you drives, put a password on those shares (sorry if you already have, but i missed any mention of it). Someone I used to share an office with found all the available shares in plain old Network Neighborhood with his DSL connection. The ISP was new to setting them up and had never implemented any sort of security to prevent this. My friend just browsed (not hacked) onto all the computers that were on his local router, full access, unless they had a password. </smaller></excerpt> You should have seen one day at work - I was helping a piracy investigator with a case, and some nitwit with a DSL line was letting people download stuff off his home machine. It went like this: Inv - his IP is XXX.YYY.ZZZ.AAA Me - ok... net view \\XXX.YYY.ZZZ.AAA Share Name Type c Disk d Disk Gee - I wonder how stupid they really are? net use Z: \\XXX.YYY.ZZZ.AAA\c The command completed successfully [raucous laughter] Hmmm - guess they're pretty stupid... David LeBlanc dleblancat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:47 PDT