MSInfluentials
A new blog site for influential people
Jesper's Blog » Today's forecast for O'Hare: Lots of Vulnerable Computers

Today's forecast for O'Hare: Lots of Vulnerable Computers

Olliver Sommer, a German Small Business Server MVP, flew home from the Microsoft MVP Summit via O'Hare Airport in Chicago. While there, he spotted this wonderful piece of advice for how to configure your computer to use the airport wireless network.

The document is meant well, but lacks a bit in the execution. It recommends that you disable exceptions in Windows Firewall because doing so stops attacks through Windows Messenger while on the wireless network. Of course, you would only get attacked through Messenger if you actually accept unsolicited requests from people.

The document then goes on to show how to disable the exceptions. It even has a screenshot; which would work far better if the screenshot showed the exceptions disabled. Instead, the screenshot shows the firewall turned off entirely. One has to wonder how many people followed the advice in the picture as opposed to the text.

Then comes the piece de resistance. The document recommends you disable Simple File Sharing. Not only does this presume that you are using Windows XP Pro, as Windows XP Home does not permit you to turn off Simple File Sharing. Simple File Sharing, as it turns out, is partially a user interface feature that governs which sharing user interface you see. However, there is an internal feature as well. in fact, Simple File Sharing is essentially the Force Guest feature. If Force Guest is turned on all users connecting from the network connect as Guest. In other words, by disabling Force Guest, you would enable remote users to connect using as an authenticated user, potentially even an administrator. Force Guest ensures that the only thing a remote user can do is read, and write if you have permitted that, the files you have made available to network users. Turn off Force Guest and a user that guesses the password of your administrative account can take over your computer.

In other words, the guidance that O'Hare Airport is publishing has you disable the firewall and enable traditional file sharing so anyone can start guessing passwords against your computer. One wonders if this is perchance some new Transportation Security Administration (TSA) inspection scheme to investigate what is on your laptop?

Read the complete post at http://msinfluentials.com/blogs/jesper/archive/2008/04/19/today-s-forecast-for-o-hare-lots-of-vulnerable-computers.aspx

Posted Sat, Apr 19 2008 11:38 PM by Jesper's Blog
Filed under:

All postings are copyright Jesper M. Johansson or Steve Riley, in the year they were made. These postings are provided "AS IS" with no warranties, and confer no rights. All postings are the sole opinions of Jesper M. Johansson or Steve Riley and do not reflect any official opinion of anyone else with whom the poster(s) are affiliated or has been affiliated in the past. Use of included code samples is permitted for non-commercial use, with no warranties of fitness express or implied. All use of any information or code snippets posted in this blog at the user's sole risk. The blog site would like to thank www.ownwebnow.com and www.exchangedefender.com for their support.
Powered by Community Server (Commercial Edition), by Telligent Systems