Wi-fi Security Flaw Hits Windows

[george]

Wi-Fi security flaw hits Windows

A Microsoft Windows feature that allows PCs to automatically search for Wi-Fi connections could be exploited by hackers.

The Wi-Fi feature in question is part of both Windows XP and 2000 and the flaw was reported at a hacker conference over the weekend.

Both MessageLabs and McAfee have confirmed the potential security hole.

The security opening is caused when a Windows PC boots up. The machine will then automatically try to connect to a wireless network.

If the machine can’t find a wireless connection it will establish an ad-hoc connection to a local address. This comes with an IP address and Windows matches this address with the ID of the last wireless network the PC connected to.

The process is designed to quickly allow a user to connect to a Wi-Fi network when one actually becomes available. But it also allows hackers to take advantage and potentially read files on the user’s machine.

The wireless ID of the last Wi-Fi network connected to will be broadcast and a wireless hacker could pick up the ID and try and directly link to the machine using a peer-to-peer connection.

As a result of the flaw, security experts have warned companies to make sure their staff use personal firewalls or are using Windows XP Service Pack 2, both of which prevents attacks.

Microsoft has so far not commented on the problem.

-- computerweekly.com 2006-01-17

[astral]

Ouch.

Is there anyway to turn off the search facility?

[stumonster]

from the original article

http://blogs.washingtonpost.com/securityfi...ws_feature.html

Whoops. Anyway, you might be wondering now how you can make sure your Windows laptop is protected from this.....er, feature. First of all, if you are running any kind of network firewall -- including the firewall that comes built in to Windows XP -- you won't have to worry about some stranger connecting to your laptop. In fact, I had to shut down my firewall for both of us to successfully conduct our test.

Also, many laptops have a button you can push that disables the built-in wireless feature until you hit that button again. Turning off the wireless connection when you are not using it also prevents this from being a problem.

Another good idea is to change the setting on the computer's wireless card to connect only to "infrastructure networks" -- real wireless access points that actually allow you to surf the Web. To do this, go to "Start," "Control Panel," "Network Connections," and then right click on the entry labeled "wireless network connection" and select "Properties" from the drop down menu. Then click on the "Wireless Networks" tab, and then on the "Advanced" tab at the bottom of that window. A box should pop up that gives you three buttons to choose from: Select the one next to "Access point (infrastructure) networks only."

learn to use your firewall - it protects you against more than just this guph