cheap Michael kors handbags outlet weakness can lead to network traffic hijacks
Reviews Top Categories Phones Laptops TVs Tablets Cameras Appliances Car Tech Audio Desktops Software Headphones Printers Networking Wearable Tech Deals
How To Top Categories Computers Home Entertainment Internet Phones Photography Security Tablets ForumsLog In to CNET Join Related Stories New shield foiled Internet backbone attack March 9, 2007 Hack lets intruders sneak into home routers February 15, 2007 DNS servers do hackers’ dirty work March 24, 2006
WASHINGTON A problem in the way Windows PCs obtain network settings could let attackers hijack traffic, security researchers said Saturday.
The problem occurs because of a design bug in the system used by Windows PCs to obtain proxy settings, researchers with security firm
michael kors handbags outlet IOActive said at the ShmooCon hacker conference here. As a result, an attacker with access to a network at a corporation, for example, could insert a malicious proxy and see all the traffic, the researchers said.
"The upshot of it is that I can become your proxy server without you knowing about it," Chris Paget, director of research and
cheap michael kors development at IOActive, said in an interview after his presentation on the problem. "I can put up the equivalent of a detour sign on your network and redirect
Michael kors handbags outlet all the traffic."
An attacker can set up that "detour sign" because Internet Explorer on Windows PCs by default searches for a proxy server using the Web Proxy Autodiscovery Protocol, or WPAD, Paget said. It turns out that an attacker can easily register a proxy server on a network using the Windows Internet Naming Service, or WINS, and other network services including the Domain Name System, or DNS, he said.
"When IE starts up, it will ask the network
wholesale Michael Kors handbags outlet where its proxy server is," Paget said. "It is really easy to put up your hand and say: ‘Here I am.’"
Microsoft acknowledged the problem in a support article published Saturday on its TechNet Web site. "If an entity can surreptitiously register a WPAD entry in DNS or in WINS clients may be able to route their Internet traffic through a malicious proxy server," Microsoft said in its support article.
If an attack is successful, all traffic on a network will flow through the attacker’s proxy. This means the attacker can access all the data, redirect and manipulate it and carry out all kinds of
cheap Michael Kors handbags outlet other nefarious acts, Paget said.
Still, the proxy problem isn’t a critical security issue, Paget and fellow IOActive security expert Dan Kaminsky said. An attack is possible only with access to the target network, not from the Internet, they noted. "The biggest risk inside a corporation would come from a malicious insider," Paget said. "This is not worthy of mass panic or critical advisories."
That doesn’t remove the need to fix the problem. Insider threats are real. Also, the proxy problem may be appealing to attackers who find it increasingly hard to exploit other vulnerabilities, Kaminsky said.
"Buffer overflows and other bugs have gotten a lot harder to do, so design issues like this have gotten a lot more interesting for attackers," he said.
Problems with WPAD aren’t new. Seven years ago Microsoft patched IE 5 because the browser would search for a proxy server on the Internet if it failed to find one on its local network. That let a malicious hacker give settings to the browser that
Michael Kors handbags would facilitate a broader attack. As a result the people using those PCs ended up on an online auction Web site regardless of the address they typed into their browser.
In its support article, Microsoft lists steps for network administrators to address the WPAD problem. The steps reserve static WPAD DNS host names and to reserve WPAD WINS name records. As a result, an attacker’s malicious WPAD name will no longer work, which will foil the malicious proxy trick, Paget
cheap Michael Kors handbags outlet said.
Are you people really that stupid. Now we have a reputable IT company CNET blowing up a story as a major weakness in windows.
Pull your heads out of the sand, discuss the problem like it really is in todays market and lets address it.Articles Connexes：