Topic: Do you have more security? Microsoft, the Freedom to Share Author: Loyal A. Moses finishing translation: Tony Shen file sharing in today's network environment is essential, but its cost is not the "value for money." We need to quickly spread a lot of information in a small or large group, while facilitating, easy to manage, and can be tracked. Convenience is not to refer to individual, family, company, and government or even do not cost money. It is obvious that this cost can be transferred. Through understanding and implementation of practical safety methods and prevention, we can easily process the dangers due to facilitation. Safety is a state of thinking, the method and process of people who follow, to ensure a certain state of security. Imagine a bank's vault, ask this vault safe? It is just because it is a vault or it is intended to be constructed? Is it safe because of armed guards in the bank, or illegal intrusion will trigger alert? Safe is neither in a device device. It is a method that combines all the combined mechanisms. There are many security-related things in our network, and include an email to commercial spies from the competitor in-box. Difficulties of data sharing is one of the habits we are most likely to be utilized. In order to let your friends see your Holiday photo, you create a shared directory in your home-commercial computer. This sounds at all, but in fact, this is the perfect plot in the world every day, a thousand computers. Imagine the employees in the work to do the same operation, their shared catalog is to allow another person to visit the game you just download from Tucows.com. Shared Directory is not only what your friend can get your home photos or new games, which provides a potential entrance for an attacker to enter your computer system. How can this? The past operating system was originally based on convenience, security was the remedies that were thinking afterwards. One of the most dangerous "convenient" factors in computer network today is "Netbios". NetBIOS (Network Basic Input / Output System) provides programming interfaces for shared services and different overhead network protocols (including IP). NetBIOS is mainly used to share folders / directories and printers. These simple concepts have gone in the hands of a senior attacker will incur a major disaster. This article will discuss NetBIOS security factors and some tools for collecting information from target systems to obtain unauthorized access. The following information is only used for educational purposes, and all excess and excess information have been deleted. NBTSTAT.EXE - This diagnostic command displays protocol and currently using NBT (NetBIOS on TCP / IP) TCP / IP connection. This command can only be used after the TCP / IP protocol is installed. If the TCP / IP's 137, 138 and 139 ports are opened, the command "nbtstat -a ipaddress" will display the current active user, the running service, the NT domain name, the machine name, and the Ethernet hardware address. Once you know what protocols have been installed and properly installed, the work is to dig utilization. For example: machine names are valuable to use multiple weaknesses attacks (such as Msadc.pl - programs prepared by Rain Forest Puppy). The machine name is also useful for the following example. NULL IPC $ Connection- IPC represents inter-process communication, which is a way to communicate with each other. IPC $ is shared with each WindowsNT computer, and can communicate between processes. Using the NULL process (relative to the effective process) is because there is no need to establish a valid trust relationship. The initial purpose of the NULL process allows the NT server and other MS networks to participate in the NT server and other MS networks.