Windows - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Windows


New WINS Exploits Making Rounds



 By: Ryan Naraine
2005-01-04
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Windows story.


Rate This Article:
Poor Best
Researchers find a startling increase in hacker probes directed at Microsoft's Windows Internet Name Service.

Almost a month after Microsoft released a fix for a security issue in the WINS (Windows Internet Name Service) name server, malicious exploits continue to haunt tardy network administrators.

According to an alert from the SANS ISC (Internet Storm Center), there has been a startling increase in hacker probes directed at TCP port 42 and UDP 42, which handle WINS services.

Resource Library:

"If you have not patched your WINS servers in respective companies or campuses, beware. Patching these systems is now overdue," the center warned.

Last month, Microsoft released the MS04-045 patch with a warning that a successful exploit could take complete control of an affected system, including installing programs; viewing, changing or deleting data; or creating new accounts that have full privileges.

The vulnerability, first detected last November, occurs in the way the WINS server handles computer name validation and association context validation.

WINS is a NetBIOS name server used to determine the IP address associated with a particular network computer.

Check out eWEEK.coms for Microsoft and Windows news, views and analysis.



  Reader Comments: New WINS Exploits Making Rounds
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Windows Articles          >>> More By Ryan Naraine
 


x}ks6*Q3{L=RJ64ԭRQ"$1H.I˩'o҃xϝIlK@7F{{~$riOI1%st[D{{}!GP|gS/92r+?_fV'_ZUկf O{:$~[z>540;;RZIjgdZ6 I|]8֠Eq6Cn&j ݒEB_;T\KŗG)H7#ǚ M4ȜSHu t9~}M'Zf-ͨn #di|]\ p3Z&9T23=MH9k 3!RBʼ蝦%/^(P%!P샖_.[ jFTwIQQ#=^f/\R@3Al8{ØWҽT7wsY 9tipq ^oVV͉:]XYujZnE?´;{8m7-ҿ]{0*>cq4Y`I-. 8ǹ:oo:jr-6}5գ"TGg-dj`qaeJݠ}ayw^aϩ>wb^鶝x>:AGAticŦwh4@LrӇtu4A>+ߙwGݺ~LnXŞ+ S߭F#m|&>ld$4o)ssLnM9σ5I#ˋ&0P 2/?뇾axsO>ȁ7`sDo뷺i#SB]jJdN˵K ] RRP$C hI#r Bг1,`@o!``[Xk ab .<ҶBI}vn<){TKh!+K@fsfh(4{~X9{DMfT`B[ᛥLKak`FZ,#M& y@ == 3´ ҄%Ll;i`0Ґ(ea9ޟzF~ h? OuK:\f335{00q}c] k2oiEsӆH|B3< I8͜;luVw]ˤF|a* ,q7! 3Ͱ&q8+owzjré&9|YzY2훿h /&](LuΩJJ&k:HX3j-yspm ֌Os1r@@S*SNT$3Q2-ӧΜ9Eۋ)I :sX-8G4W- 'ٲZbY6(U7v/KƠT:?WuR@Hod m_eƠumLGi+-m" IPצ(X kezdxч($mU6L? 7s=k}0\PeM}d2wê%M*ګY37ld tAqFAݐ`,@ELl5K)թw@4="zu@gzcW@~P9g ?棄YTpܙ4hQ*}a3)4&0Sӹbp=q |X0b=9{p9pJ.a8, uaOhJsWs2&UM8` ;DӜh2F ÉiHuߴ6WKH>LZ`!?RP՘IO5 &^PGe d^s`M[`R9Dzl lF4]}ZjtM{ ipj^DZiI~~~0*Ly.r~^)2qŝa&;~ >ES-cDL3$!OT_'E)'x.5 dx&O}INtHF ‘"}yjmA>\PZr>r+b"[8:T:$漇_܀ä:,Cd>/`Lq]S؇b_@URTZtZu^,_]hD1(dyDF4@/q8bk lBk}rq@l#RaC݂5m"uy@VIJXhQ[_6MO.OVШ6> 7}&mnov=ϼYyr dZKp|avKreH˷"gf\>rWo鸙 y@<sUJ _ b&T~\zy خiϼV&e1g'}VApaqgX,\U;A9Tb9JiRx` fΜzliSO7(~ (zC9+mA>PU]|T&#UX)TԒP?YTAtEU1n?mVPVW`Zd&s\%\{ i0o(Q󩋗r3["X6DД7Ϩ3Rb  kQhce[,^*o(0h_pm;dU]uv'hEw%]wם4O}ڻHn!1`v.ėtOz+~w.R1AR`'yxqȒu4*$yyp|hq0)MF0SkcwȰ6 Z_ťwj_qfiZ ^k5W'27h#۵co( V`!旁1d|PR# (ʑ=`=` VyN .@dBAnpkz!NU He*4Д+e3ѓ:)KS4 jGYkNEm{-~=`rrPR)&bz&I;ɨǺ%uyjtJ1SBt 02H P6,O&e=lI1 iKBih%bbVHRoټ؞6<1ޥ]ƙBNmK$h dgKU 3 KqkP I<+ `->#+y-EY-V6y;q81 ͥ0i8;_=?P.zsgOɵ2sXs\ Zpl+ҿDž³bpi##iWyepja~%X@RoBGH|9yǿ§  [s]3g伉q+ɻnߨ+=YhuKdܗ{vOKn<]1鈧lLSI"ɫzw7}\8%/+w|621@7YU d3D?ye1}doxzo=إ<A?'gLw.z@z@oqw6{Zg%QJ=,qM@jjiIr\<~^YZ䑽DXHڃ}AuULmsuOxϜ'Kmx<~r:?0G Ofxfw9g; 9P`'-ݺܭ)³$`GDA5}缩g涣A jm ڄ0\9f> V*OBWc+YTޞ1;lV3SOpM_k ]5p M[k!/1 %]Kдg=.00yS/sFK[⹏^}lQߏo%~!ӹi*2o٭'"_s WU}D(RQ] ŋX]?FfGBC#]Ӳ uv`EkF-jYJM$ ! r8E'}>l z[$]+;zxYx/B;:-O Jȗ2ϱRF]J'VEoYşnudcgkDϾ#+:wJ~@._An҉c) ?)%tÃBqvS EmS/Ё^"R-w?CyQbFzr ^¢rK^| rT&br<vVl)%9 Cq$e.X(4aI:Q}b'1Ec:q Q]i50|IgضjB{.fext9NS^>8Vc"{Ql +ގˌH->N+bb$0;9|a;ni]b%޾,xDdId+b$e%!-1LurTʼn '´BD|Y"La31R$7qy6i0dSa(nN&)2[&o޵qbBim>åAL"WQAJaՊ!_ ./;5HǒOl#^try*?m j=vV VMb&5@=~h2RbzH yel[ J/; tݹK{r *@?;1Fc -Iٓ0A8(Pt,-#)#_ ǐky*.'0@H0K= <]Wft#"AVmkMaM <(6A&;ɒ4NZTU rh~*Cj\n݅3ݳYR/եB%~9!iaGz(f}%{YZdnwg+-[_z,,t} 1QN=̨&Fc TQR(V2x/ dl*P JPF[ +(Z_<$'^+/N8O soJKƇ55#5PsTSjM{@x<;ƐR`Xgx, i<k}c8SW9->/,z?-UʪR)né$j%-pf >&g\:8VWIx@܂eeee.㪪֞2uKxL;_.ԟ0@-%S)6K45r0ՂZ,+'&aI 6 X@' >|7+YXE#X|)Xp?у' @0JZ|L-ppU8`cꀝ"[+[3ܵhͱಈ@MÐz04}+̛^@.fƗyO񝑊x4?rt^́bH! ^cN )h|!S@'KH qIwH&Z!,"`X$E}c;w5+I (A'P׶kpbڪ; $c5KL2o}6'^zl~Jif#e։ YV$2"*Ιh֖2PͰaD+op#Ajp /,*n?̊GX*t`qM Pb!N4#|nIAwP^я TeQO^tݑE `d%0p+2~bJbFyA y!Fv#{.^qET1&d4FuR]SS[­Z[+W#rd! `,%7vyai`8(ĒA"9塠e3)uk0c2ΩTh,vxWȥc.ZE%>%KZk^YR+Ȉznf]!1cETA9=Q5#]RU B1-~i1]H t3#mz^C GJk&GaLv̈́|W@O[jkhDPU|uȩg=F[TxvXjs 1{xUOq-co@V`m 4,\ <\πTnA4`]"kR%|#|;|P)ÿ#rzww!_ՔV-!c%7>ݺO,A$^rYXkO:Rga^1TҊj9y[4Ra)dIgd%0Y>lGN$(bX ~-=]g|6֢@O eˡWqb\oj8zivea,Q! 0o4 y]KjL߶"|͉2u ;a<{' )ﵪ(5 PUP8AnK]ݴXj>Њ>So‹ɀ XPp]A9(WTD~Nd+`zєyiN&$Yc r+ǯ\IxO)׀gBUV"Ba=X :>IoH!L]U# `x=L(F9'y{0h_*<,P_:}G\wa]}^xf} 'lI<R+$Z MꪂOJBveX &zę|kwy }WSfY3{8~3ROz%r +^@03:%X? &O=lFLn r5_i4UM'WAwAk<m[8j?N9.v.ڗWAqjY^v>L5mkLJE22 n) C9-jO6W#\grxixɎ(ah,.6q́DAgpD(/& F^MÀecnj]}-Zq-3YW'>;tɉcdh>8uPkpYmn8~(hOuɀ.ڹFhRs`__׌+(\~NmfQ>\'P~sA ?m.?gVieC:CL"/\~F(gٮ. Y v> tn]nv?2zg(Q~gewQ{1 ?sw1~=/=? /q _fs?}g?dP埀>eg(U}3s::3/9IR< 9k^픊8kgK " SV9,.N3kP g  ~-22B @~~_} kJ+ťW*7YKxM}%k{F1nvd}WG{1:,y& r hxVydb bye?VPw;]CҤ]z.{%])r-XѧZ}5_9x=* t=}}Zk=QǒGl]#=D~(Kse&o~Tl<-u&j\eףf(+@J~@aaYCPW`!X5R'ȹGG}Q!je>7]Iqq|5h_uw &YNAƊr2OFd}#Oaq1<́Pl@PJ]Xr1 {PxX: N϶{3_;5c]ݸ3EK~{xR Hn2le?j&g^1Ku˹I Ǝ$z o_ɡ=G96Y`_GFbЗ+&: U\6tp;ع86M(ałߜ)#,|H𵝦^璱̀Zԝ96Zd%;BAE:& 6LG1 (OQ"q}$!3I]DAGR(~hD<=رhFʪv\JT~7(H@%GbF8] "!_Sanhy>ⲁ%!:`S s"gTtr!,MNM[c约1gbV!qdFW-["@# e`1l4aehDS,T6ys*>% / iΝE)>2zlz_Odxƪ~axh=&з57b(Q| ӽÿˍt_f%\"d< l[ !ۂˌK-Ӽ>wV¥"UX HMX,8. tmQh~0r,#<[_ڵ<ok39+ot-(5x[n.Feg[$| _[0~Y+ʕbA,\n2?>Şi#}@ }(ۉnFTt `GYu`Kv #qE6<=܈xj;ݺXg 3HTxXU\)siHWTFE®":s`x];={&**kWānlTLxI;s[_߀@>{~w1' 0tcfw^?- ɤ{-̅2 !N^xyu~ҕ^)I&_cQd+8*)ؐrkO` bOP1,F,oԛÌ'TS*4.v>ϭ>~t,saG?qX)>ZYŒBd'KW̱0^5FElT$¨B}3Ay4O~у!gn耵]~=&w3ǂ!y0Ǖ2D1F(-,1f.& w Ax=`#hxf<nRh1)Lb'kI''R la, 9r3 EV z.t3R/4xq{Ϣaʩȩ(vU_|JѬd;j + O{ |I>":Ÿ0+.9 ʝX{ysB(O{9!3 *`'“gGί>!D!6{xvpMIw#K/z.ZRXBYzhI:V; AHdc.Vc"ӳ/ .A|Ѿhy6=xL M4V*wN㛼VtƢI:6pzRSV}01{l~r[)#Us̥D/5^JB\sjh6