[ Go to August 1997 Table of Contents ]|
-- by Joseph C. Panettieri and John D. Ruley
It was inevitable. Now that widespread Windows NT deployments are under way, many hackers have turned their attention from tinkering with UNIX to trashing NT. In fact, hackers have found several ways to attack NT systems, leaving network administrators wondering just how secure the Microsoft OS really is.
Most recent NT attacks fit into the "denial of service" category. Hackers send incomplete (or badly formatted) data to a network port, which can lock up an NT server. Other vulnerabilities include a "red-button" mechanism that permits users to copy the encrypted NT password file to a remote system for off-line cracking.
Perhaps NT's most gaping security hole is its built-in "anonymous" user, which permits machine-to-machine communications across a network. This user account, which some hackers claim to have infiltrated, can access shared files and directories-including system-level shares normally available only to administrators.
While Microsoft isn't sounding the security alarm, the company is taking steps to bullet-proof NT. For instance, it has a Web site that offers security tips (http://www.microsoft.com/security/). It has also released Service Pack 3 for NT 4.0, which includes enhanced encryption, Server Message Block (an authentication protocol that prevents message attacks), password filtering and restricted anonymous user access.
"Microsoft is doing an okay job addressing NT security at this point," says Christopher Klaus, founder and CEO of Internet Security Systems (http://www.iss.net), a software security company in Atlanta, Ga. Still, Klaus expects hackers to uncover more NT vulnerabilities in the months to come and urges organizations to identify whether they're using Microsoft's latest security patches.
That's good advice, considering the hacker community's growing infatuation with NT.