Security threats to cablenet users

Shripad · May 23, 2005

Hi people.
I just couldnt resist myself after what i saw with my own eyes.
Rave about 15 days ago told me about a tool called Angry IP scanner.
My original aim was to trace the guy who was by mistake using my IP.
What i ended up finding is whole different story.
I was able to access 10 PCs as they had no protection.
I left a text document on all 10PCs warning them what could happen.
I contacted my friend who is exatt user and he was able to do the same.
Same goes to Airtel network and pacenet and sify.
The computers connected to local servers are open to attacks. I only left a text document but hell i could have easily left a infected file or a spyware or even trojan.
So guys who are on cablenet make sure you do not share any folders online. Also make sure you have disabled guest login and your own login is password protected. And you have a firewall and if possible a proxy installed.

Here are the few screenies of what i was able to do. And remember guys i am posting this just to alarm you. Dont misuse this info..... ok?

Here are the screenies

KingKrool · May 23, 2005

Airtel network

Normally, that is not possible on a DSL network, unless Airtel assigns a private (normally static) ip to each comp.
But actually, this is possible on dialup too. Yes, I have done it over the net.

Shripad · May 23, 2005

well the problem is. With most broadband users being constantly online it increases the risk.
The risk with the cablenet is the high bandwidth.
The users i scanned were from my local node.
I have 100MBps access to these guys. I can virtually send him a large chunk of data without him knowing it. And by the time he knows it, damage will be done.

puns · May 23, 2005

scanned the ip range around my ip , all came dead ... so it seems to be secured ...
People on dc++ might be most vulnerable .

KingKrool · May 23, 2005

Carry out DoS attacks using nmap -M option (-M 1000)!!!!
Then steal his IP and MAC address, so that the servers will think u are him!

Shripad · May 23, 2005

this tool tells you MAC address as well

sunnydiv · May 23, 2005

so what does one do after finding the ips

NeXgeN · May 24, 2005

only if u give access to change files on sharing....then u r prone to attacks.
yes u need a good firewall...disabling guest acc...in XP wud be a good thing.
and dc++ is least vulnerable to attacks

Hacker · May 25, 2005

funkymonkey said:
Hi people.

I contacted my friend who is exatt user and he was able to do the same.

Funky you are exatt user, where do u live gimme some details (so that i can call the cops)

kidding

im using exatt too.

observer · May 26, 2005

But is it possible to mask the MAC address?

Aces170 · May 26, 2005

Yes, use a fake MAC address, most D-link Lan cards can do that. This is nothing on my local network someone had left a scanned image of his credit card, ATM card, International Credit card, as well as the same for his wife.

Blame it on Bill without SP2, XP enables Folder sharing on by default.