|
HOME TOPICS ABOUT ME Discovering this flaw if you run Windows can be a big hassle. But when your PC runs Linux, which has no connection with Microsoft and does not use any Microsoft code, you can spot it right away. Nobody built Linux to hide flaws. |
technofile Al Fasoldt's reviews and commentaries, continuously available online since 1983 Microsoft's "industrial strength" Windows NT exposes private lives to everyoneJan. 9, 2000 By Al Fasoldt Copyright ©2000, Al Fasoldt Copyright ©2000, The Syracuse Newspapers I felt like a peeping tom. I was peering into a collection of love letters somebody stashed away in what must have seemed like a private hiding place -- the "My Documents" folder of a computer in a room at a major American university. I didn't read the letters. But I could have. But there they were, dozens of them, sorted by date. I wasn't trying to spy on anybody. I was running a new program I found on a Linux file site. The program lets anyone with a Linux PC cruise through the files and folders of networked Windows PCs anywhere in the world. It's not an illegal program. You don't need a license to run it and you don't need to be a 14-year-old who never takes a bath to understand how it works. It's just a program that shows you things that Microsoft would like to keep you from knowing. It shows you how vulnerable Windows is. It shows you this in a BIG way. It opens up the drives of Windows computers that use Microsoft's WINS networking. WINS means Windows Internet Naming Service. It's not the same as the networking system the Internet is built on, TCP/IP, so you might not have heard of it. Even though it invented WINS, Microsoft hasn't talked much about its own system lately. It has no reason to, since TCP/IP is so successful and so easy to use. Everybody who wants to connect to computers on the Internet ends up using TCP/IP most of the time. TCP/IP was developed by the Internet's hardy pioneers many years ago. But WINS is still in use in hundreds of thousands of computer networks around the world. These networks use WINS to talk to each other despite the fact that WINS has almost no security. Proof that WINS is so cheesy is not hard to find. But you won't spot the flaws when you're running Windows 95 or Windows 98. Just try connecting to a WINS network from those two versions of Windows and you'll see what I mean. Microsoft kept the instructions out of sight, and you'll never do it without a guru by your side. And that's probably a good thing, because using a PC with poor security to connect to another one with equally poor security is not smart. But you can find the flaws in WINS in an instant if your PC is running Linux. The Linux operating system can do a lot of things that Windows can't do. It's especially adept at doing things that Microsoft would rather not advertise -- such as connecting to WINS computers at any time without a password. You'd think that the expensive version of Windows, called Windows NT -- the one Microsoft is modeling Windows 2000 on -- would be free from this security flaw. But I've got bad news. The WINS system's security bugs are caused by Windows NT. Those lover letters were on a Windows 95 computer that was connected to a Windows NT computer. And that Windows NT computer is letting anybody in the world into the front door of the network at that university. Surely, no one should be able to stroll into a Windows NT network without so much as an invitation. Nobody should be able to look at some 19-year-old's love letters without getting permission -- as if you could ever get permission to do such a thing! No one should be able to browse through files and folders that belong to someone else. But that's just what you can do. If you're running Linux, download and install a program named xSMBrowser and click on the entry that says "Sample WINS - Try Me." Before you can say "Holy Toledo!" you'll be roaming around inside a Windows NT network at the American university where I saw the list of love letters. The university's network is the one the program's author chose as an example, but you can find other sites all around the globe. They're just as easy to get into. Click, click, click and you're waltzing through another folder that's supposed to be private. Are you worried yet? When you click the WINS network icon in the Linux program, the first things you see are lots of icons that represent workgroups within the university network. Clicking on a workgroup opens a window that shows individual computers. Clicking on the icon for a computer shows the folders within the PC. And clicking on a folder shows you what's inside. That's Microsoft's idea of security for you. Note that you're not asked to type a password. You just cruise into the network. Discovering this flaw if you run Windows 95 or Windows 98 can be a big hassle. But when your PC runs Linux, which has no connection with Windows or Microsoft and does not use any Microsoft code, you can spot it right away. Nobody built Linux to hide flaws. I'd tell you the name of the school if I thought that would help. But I'd be picking on that university. It's just doing the same thing universities all around the country are doing. Microsoft encourages colleges and universities to install Windows NT computers, and many schools have switched from Unix or Linux to Windows NT. This has been happening despite the gaping security flaws in Windows. Get this: It's clear that Windows is insecure. It's a lousy networking system, vastly inferior to Linux and Unix and Apple's Macintosh. People can slip into WINS networks without so much as a password. Yet Microsoft is trying hard to get universities to ditch their Linux servers and replace them with Windows NT servers. Does this make sense? Microsoft has every right to drum up business, but schools and businesses have a responsibility to protect everyone who uses their networks. Maybe I'm wrong to get so worked up over this, but I think network users need to know whether their private files are really private. Something's rotten if you can't trust your network administrator to do even the minimum job of ensuring the privacy of your files. Are you worried yet? I am. Something is wrong here. I don't have a solution. But you need to know what's going on. Letter from a network administratorJan. 11, 2000Mr. Fasoldt: I read your article on the insecurity caused by Windows Internet Naming Service. While your commitment to informing your readers of the insecurity of their data is commendable, your article is not entirely accurate. Firstly, WINS is not a networking system like TCP/IP. In fact, WINS is part of Microsoft's implementation of TCP/IP. The primary function of WINS is to map NetBIOS names to IP addresses. A WINS server is meant to provide an easy method of contacting PC's on a LAN without having to remember IP addresses. It automatically maps computer names to IP addresses. WINS provides no further functionality than that. It provides a list of PC's that are configured to use it and their IP addresses. I'm not entirely clear how you link your love letter experience with a fault in WINS. The error that allowed you to gain access was twofold. Firstly, the network administrator at the university should have blocked SMB (server message block) traffic at the firewall of the university. This would easily thwart anyone attempting to repeat your intrusion from the outside. Secondly, the student's computer should be configured properly to disable file sharing from her computer. Neither of these errors have anything to do with WINS nor with an inherent security flaw in Windows NT. WINS performed its duty in providing a list of computers configured to use it. That is what it does. I remind you at this point that the purpose of security is to disallow access to those not authorized to access certain data. Those who ARE given access should be able to get to that information as easily as possible. This is the purpose of WINS. This is also the purpose of non-Microsoft services such as DNS. In fact, without such services, the value of TCP/IP and the World Wide Web would be limited. Right now I can go to www.dell.com without having to know that it's IP address is 143.166.82.178. I can also browse to any of the PC's on my LAN without having to know their IP address. That is what WINS does. If those PCs are not properly secured, it is not the fault of WINS. They would be just as insecure without WINS to anyone who knew what they were doing. I understand your concern. You were successful in gaining access to data that you should not have been able to gain access to. This is a problem. The problem, however, is not with the operating system or any of the services provided by it. The problem is primarily with poor security implementation on the part of that university. It doesn't matter how good (or poor) the lock is if you leave the key in it. Josh Burgner LAN Administrator Light Sciences LP |