You Will Be Hacked, Resistance is Futile.
Unless...

 

Chances are your home network can be hacked so easily it will amaze you!

It's not news! It's a story as old as the Internet and Microsoft that EVERYONE considering a high-speed, always-on Internet connection MUST consider!

If you networked your Windows PCs to share a printer, files and/or your Internet connection and do NOT have a firewall, the world can 'visit' your PC, see, copy, delete or edit ALL of your files, print to your printer, get your passwords or trash your PC - without your knowing about it.

The default setting of Windows is to install and enable a network protocol called NetBIOS, a perfect solution for small networks. When you enable File and Print Sharing you open up your PC to the Internet-at-large. When you share your printer or hard drive, you make them available to everyone on the Internet. If you do not use a password to protect your PC's resources, anyone can get to them.

I'm not kidding!

Jim, how do you know?

1) Normal Internet workings allow connecting to a system on a network either by its host name and domain name, like www.raisin.com (www = the system's host name, raisin.com = the domain name), or by its IP address, like 199.182.120.203.

2) Microsoft networking uses IP port 139 to allow other systems running the NetBIOS protocol to connect to them and access their resources.

3) Microsoft networking adds to this by allowing you to connect to a PC by its Windows system name - like \\SERVER, \\MY_HOME_PC, \\Brad's PC, etc. - and will generously provide this information if another PC connecting on Port 139 asks for it.

4) In order to connect to your PC someone needs to know the hostname or IP address, AND that Port 139 is available on your PC, AND your PC's name.

5) 'Hackers' have several tools available to them that perform some or all of the network investigation needed to discover and access your PC, or they can do it manually, one address at a time.

6) Commercial network security tools can do this. A free tool called NetBrute from RawLogic can do this. Download it, key-in a range of IP addresses, click the Scan button, sit back and WATCH - you will be amazed!

7) I've done it. My friend Mike's done it. We've found VERY revealing files on the PC systems of lawyers, accountants, home day-care centers, our neighbors - and it's legal - they opened shares to the Internet, a public medium. The problem and tools have been featured on PC-related radio talk shows. PC expert Steve Gibson exposes and reveals the threat on his web-site. I've written two articles about it.

What Does This Mean?

Quite simply, anyone with patience and an Internet connection can poke around a bunch of IP addresses and find a bunch of vulnerable PCs - your PC - and GET YOUR STUFF!

Why Your ISP Does Nothing About It

ISPs, as their name implies, are Internet service providers - they deliver the Internet to your computer(s). That's it. That's what you pay them to do. They are not network traffic cops. They are not personal network security experts or providers. If you do not want "the Internet" then we suggest you dump your high-speed connection and use dial-up via AOL or Compuserve. Even if you're an AOL or CI$ user and have high-speed access you need to protect yourself!

But Your ISP Could...

...at least inform you about the problem and guide you to choices for solutions...

...block ports 137-139 and no one on the Internet would ever know your PC was there...

What Can I Do About It?

#1 - CHECK YOUR SYSTEM!

Go to Steve Gibson's site, click on ShieldsUp! and follow the steps to see if your PC is vulnerable.

#2 - GET A FIREWALL!

Software

Get Zone Labs' free ZoneAlarm software firewall. Even if you get a hardware firewall product, it will NOT alert you to, or protect you from, harmful applications that can reveal or send your data to others, the way ZoneAlarm can.

AND

Hardware

Get a Umax, Linksys, NetGear or D-Link router/firewall/hub product to protect and share your connection. These products will keep your local network local and provide a seamless, invisible first line of defense plus other great features.

#3 - CHECK YOUR SYSTEM - AGAIN!

After you apply a software or hardware firewall, preferably BOTH, go back to Steve Gibson's site, click on ShieldsUp! and follow the steps to verify that Step #2 protected you properly.
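A local counterpart to the outside check in steps #1 and #3, as an added example that is not part of the original article: it reads `netstat -an` output from your own PC and flags NetBIOS ports 137-139 that are open on an address reachable from the Internet. The sample output is constructed, 203.0.113.25 stands in for a public address, and the function names are this example's own.

```python
import ipaddress

NETBIOS_PORTS = {137: "name", 138: "datagram", 139: "session"}
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in Windows `netstat -an` layout, not taken from a real host.
SAMPLE_NETSTAT = """\
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    203.0.113.25:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       192.168.1.11:1029      ESTABLISHED
  UDP    203.0.113.25:137       *:*
  UDP    203.0.113.25:138       *:*
"""

def classify(addr):
    """Say how far a bound IPv4 address reaches."""
    try:
        ip = ipaddress.IPv4Address(addr)
    except ValueError:
        return "unknown"
    if ip.is_loopback:
        return "loopback"
    if ip.is_unspecified:  # 0.0.0.0 means every interface, the public one included
        return "all-interfaces"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"

def netbios_listeners(netstat_text):
    """Return (proto, address, port, reach) for each open NetBIOS socket."""
    found = []
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue
        # A TCP row matters only when LISTENING; UDP rows carry no state column.
        if parts[0] == "TCP" and parts[-1] != "LISTENING":
            continue
        addr, _, port = parts[1].rpartition(":")
        if port.isdigit() and int(port) in NETBIOS_PORTS:
            found.append((parts[0], addr, int(port), classify(addr)))
    return found

def exposed(found):
    """Sockets an Internet host could reach unless a firewall sits in between."""
    return [f for f in found if f[3] in ("public", "all-interfaces")]

print(exposed(netbios_listeners(SAMPLE_NETSTAT)))
```

Run `netstat -an` on the PC and pass its output in place of the sample. A hardware firewall in front of the PC does not change this listing, so the outside check in step #3 is still what confirms the ports are unreachable.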

Need More Information?

Must-See Links

Mike's Hardware - Scan and Hack Report
If you need help checking, securing or maintaining your PC system(s), call Mike and we'll get you fixed up!

Expert Steve Gibson - check ShieldsUp!

The SF Chronicle covered this issue too!

Mother Earth News - Internet Privacy Coverage

ComputerUser Covers Internet Privacy

Need Help? In the Bay Area?

Feel free to contact Mike or myself and we will be glad to discuss the security of your home or small office network. We can get the gear and software together and install it for you.

Copyright 2001, Jim Aspinwall / 30 August 2001