Windows 95/98 makes it easy for desktop users to share their files and printers with other users. In the past, this was useful only in office settings, where PC's were routinely networked. However, with computers and network equipment getting cheaper, more and more people are setting up small local area networks (LANs) at home. Once networked, Windows 9x makes it very easy for users to create shared folders and allow others to access their files.
As useful as shared resources might be, opening up data for others creates a potential security issue. While sharing computers among household members may not be much of a risk, the proliferation of Internet access from the home has led many to unknowingly expose their hard drives to outsiders.
So who is at risk and why are people unwittingly opening themselves up for attack? Basically, anyone who is running Windows 95/98 and has shared folders will be vulnerable when connected to the Internet, unless they are behind a firewall or proxy server (which most home users do not run to protect their network). This includes both dialup modem users and those with digital broadband Internet services, such as DSL and cable modem access.
The exposure begins once the user is connected to the Internet. Dialup users that connect to Internet service providers (ISP's), such as America Online, MCI Worldcom, or Mindspring, are susceptible to attacks whenever they are dialed in to check e-mail or browse the world wide web, up until they disconnect. Digital subscribers are continually exposed since the connection is up 24x7, not only when the user dials in. The problem begins once the PC is assigned a valid Internet IP address.
So why do so many people inadvertantly open themselves up to intrusion? The main reason is that there is almost no documentation for the average user that talks about their exposure on the Internet. There are no warning signs that someone is intruding, and no indication that the user is actually offering shared folders to the outside. Microsoft's Network Neighborhood tool misleads users into believing that they are isolated, simply because they cannot see outside computers while on the Internet. While others cannot see the user's PC in their Network Neighborhood window either, that does not mean that someone cannot find the user's shared folders.
There are only two obstacles that deter the potential intruder. First, the intruder has to locate a vulnerable Windows 9x machine. Second, the intruder has to guess the password.
There are readily available tools that make this task rather simple, if not a bit time consuming. One example is Rhino9's Legion, which polls wide ranges of IP addresses to see if any computers have available shared folders. The application broadcasts a NetBIOS request to find all computers that have NetBIOS services. The application then searches each earmarked computer for available shares, and displays the results. Once these shares are known, there is no way to detect or deter brute force password guessing.
The only way a user can prevent unwanted intruders is to make sure that File and Print Sharing is disabled. To do so, go to the Control Panel, select Network, and click on the File and Print Sharing button. Make sure both options are checked off.
If you absolutely must share files on your system, make sure that at the very least there are passwords assigned to both read-only and full access. Consider using different passwords for the two access levels.
Also, consider buying some sort of access device, that can provide at least basic protection from casual snoopers. Below are links to devices that are ideal for a SOHO (small office-home office) environment.
Nortel Netgear Products