                              °Û                       °Û
                          ÞÜ  ±Û                       °Û    °Û
           ÜÛÛ ÛÜ ±Û  ²Û°ÛÛÛÛß°Û ÜÜÜ  ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û  °Û
          ÛÛ  ° ÛÛ±Û  ±Û  ÛÛ  ±ÛÛßßßÛÜ±ÛÛßß°ÛÜÜÜß    °Û°ÛÛÛ
          ÛÛ °  ÛÛ±Û  ±Û  ÛÛ  ±Û    °Û±Û   °ÛÜ   °ÜÛßßÛ°Û  °Û
           ßÛ ÛÛß  °ÛÛÛ   ßÛÛÜ°ÛßÛÛÛÛß±Û    °ÛÛÛß°ÛÜÜÛ²°Û    °Û
               Outbreak Magazine Issue #7 - Article 15 of 16
           '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'

bluecat9's rantz on Winblowz Netbios Protection & Hackin'.

So you have Winblowz and you wanna hack the planet?!? Why not?

Protection:
If you use MS Windows, Broadband, and your PC is on a home network (LAN),
with "Shares" you may be a redneck. To test obtain your IP (Start>Run>Type:
WINIPCFG), Then (Start>Run>Type: \\YOURIP) and press ENTER. Wait a second, if 
you got an error message your not vulnerable and can skip to "Hack the Planet." 
But, if you got an Explorer-Like window with your shares displayed you ARE vulnerable.
By this I mean, everyone on the Internet can access your "Shares" just as you or other
people in your house on other computers do on your network. So, how do you protect
yourself? Here are some resolutions, the easiest but 100% fix is to change your
Share's name from "C" or what ever it is named, to "C$" this will make the Share
hidden. The only difference now is when you want to access a share you will have to
type in the full path to the share. Example: Start, Run, Type \\YOURPCNAME\C$,
and press Enter. Now, if someone does happen to peek at your network they will not see
the shares, but if they guess the name of your share they can access it just as
you would. It's not a good idea to use simple share names such as A, B, C, which can be
easily guessed. Password protection is not a 100% fix for this problem, but a good
idea. Some other solutions are, installing a firewall, using USB vs Ethernet for
your broadband modem, removing the shares altogether, unbinding the service
(File and Printer Sharing) from the protocol (TCP/IP) that is bound to the
adapter (NIC) that is attached to your broadband modem. Purchasing a new
broadband modem which has a built-in firewall. Ok so your protected, let's hack
already!

Hack The Planet:
Now you know about the issue, let's find someone that isn't protected! (evil
laugh) It's as easy as obtaining an IP and performing the following,
Start, Run, Type: \\THIERIP. Man was that hard! So, you got someone's IP,
tried that, and you got an error message? They're not vulnerable, deal with it? Or… You
saw all the pretty little shares!!! Alriiiight! The best we can hope for is a user
who has their entire hard drive shared out with full access. If not, you may have
fun just browsing their files? So you didn't get an error message but they don't have
any viewable shares?!? Try guessing a few hidden share names, like
A$,B$,C$,D$,E$,HD$, MY DOCUMENTS$  and PRINTER$. Oh sure you'll have fun printing to their
printer. OK, you know how to get in the door, but it takes to long trying one IP
after another! Sure it does. Search the internet for "NETBIOS SCANNER" or "SHARE SCANNER"
and I'm sure you'll come up with something fun which will most likely let you
scan entire class C's! (x.x.x.0 to x.x.x.255) That should get the party started!
Now your on your way to hackin' the planet but you've run into shares that
are password protected, no worries. Because lo and behold there are programs
available to crack share passwords in a matter of seconds! A good search for "NETBIOS
SHARE PASSWORD CRACKER" or something similar should do the trick. Know this, some
ISP's block netbios communication (Port 139) through their network leaving you
unable to connect remotely to another network using netbios, so sorry.

Remember. You're limited only by your own imagination.
--bluecat9