The Claim:
There is a "Gaping Hole"
in Internet Security
for Windows and NT Users
[1] Main Lockdown2000 page titled "The Complete Fire Wall For Windows: LockDown 2000!": "Hackers have found a way to access your Windows 95, 98, and NT application software. Internet users should know that their private information stored on their computer is no longer secure. With very little trouble, even less experienced hackers can tunnel into your database through an electronic loophole and major security hole in modern personal computer operating systems. Because of this electronic loophole all users have become easy prey for the most casual, indiscriminate computer hacker."
[2] "Press Release" written by Michael Paris dated "updated 07/10/98" titled "News Release For Lockdown 2000 The Ultimate Internet Protection Software!": "Mr. Paris demonstrated the existence of a major security weakness of modern computer software. This finding is bound to sound a worldwide general alarm to all Internet and network computer users. Harbor Telco Corp. refers to this hacker's highway as a major security hole on the Internet leading into all Windows 95, 98 & NT operating systems." "This is a serious problem that the public has only recently learned about. This is not a BUG in the Windows software program, but rather one of the largest security holes ever seen on the Internet" Originally written in about May or June of 1998, this press release referred to ByteTight Security Corp. and the Hackerproof98 product. The revision of 10 July was apparently only to omit those names and refer to the product as Lockdown2000.
[3] Page titled "News Release For Lockdown 2000 The Ultimate Internet Protection Software!" "updated July 10 1998": "There is a major part of the Internet open to this security hole! Thirty percent of the computers tested were accessible."
[4] Page titled "manual": "Did you know that an average of 6 out of 10 random Windows 95, 98, and NT computers on the Internet are being accessed without the need of any special hacker programs."
[5] Page titled "CNNfn - Gaping Hole Found In Windows Internet Security - July 06, 1998": "A small start-up firm named ByteTight Computer Security Corp. has announced a gaping hole in Windows Internet security lets any person get into any other Internet-connected computer that has file sharing turned on." "ByteTight's president, Michael Paris, told Newsbytes Monday morning he is taking the security problem public at this point..." "...the problem is global, he [Paris] stressed." "He says the percentage of vulnerable people on the Internet is startlingly high, maybe as high as 80 percent"
[6] TechEdge Radio interview with Michael Paris, conducted by Virginia Webb, 19 March 1999: "...originally, when we found this gaping hole in the Internet as far as people being able to access your computer network shares over the net, we developed a program to be able to block access to those network shares. There wasn't anything built in to do it in Windows 95 or Windows 98." Excerpted clip: .wav format, RealAudio, transcript
On neither the lockdown2000.com website, nor on harbortelco.com, is there any statement which specifically identifies what exactly this "gaping security hole" is. Only in the recent TechEdge Radio interview was this ever stated by Paris; and in that interview (as well as in every other public statement about this alleged "hole") it was neither clearly explained nor accurately characterized. Claims ranging up to 80% of all systems suffering from this vulnerability are never substantiated.
The "Gaping Hole in the Internet" is nothing more and nothing less than Windows' File and Printer Sharing.
Read about File
and Printer Sharing to find out exactly what it is, how it
fits into the networking scheme, and learn more about related
security issues.
File and Printer Sharing is 100% under the user's control. Michael Paris' statement above that "There wasn't anything built in to do it [block share access] in Windows 95 or Windows 98" is false.
It is a standard service in Windows9x/NT systems and a function of the NetBIOS networking protocol; a useful and generally secure means of enabling access to files on a networked machine.
File sharing can be entirely enabled or disabled by the user. It is readily configured, using Windows' own built-in tools, on a per-device basis, whereby shares can be made accessible over one network connection but not another.
Shared resources are set up, access modes established, and passwords specified by the user. Merely setting a well-chosen password can fully protect even a misconfigured share from unwanted access.
In NT 4.0 systems, it is impossible to set up open shares by
accident or misconfiguration.
It is possible, and rather easy in some 1995 versions of Win95, to misconfigure File and Printer Sharing in a networked machine. By "networked," I mean a system which is connected to a local area network (LAN) of two or more machines such as a business or some homes might have.
This can also apply to cable modem users, because if they have
enabled sharing, Windows provides no warning of the fact that
sharing will be enabled on the cable modem connection.
The following circumstances can lead to risk of unwanted shared-file access:
If the above are true, then the user may sometimes be unaware that sharing is enabled on the Internet link. For shares to be at risk, the following must be true:
The problem, such as it is, is caused by just three things:
A very large majority of ordinary Net users. If you don't fit
the descriptions above, relax.
How to Close "The Hole" Yourself in 30 Seconds, Free of Charge
Just turn off File and Printer Sharing.
Or, if you're using shared resources on a LAN and so must have
sharing enabled, simply unbind File And
Printer Sharing from the device that connects your system to
the Internet.
Shared reources can be a very handy way to enable file access acrross the Net. I've written a detailed account of the way it works, how to deal with the security considerations, and how you might put it to good use.
There is no "Gaping Hole in the Internet."
There's no doubt that misconfigured file shares have been and remain a potentially serious security problem for a small minority of Net users. As cable service grows, there are corresponding numbers of people at potential risk, if they ignore easily-available information and especially if their providers fail to inform them.
But the solutions are extremely simple, they cost nothing, and service providers need only engage in a simple educational approach to protect their clientele from unwanted intrusions. Most of them do exactly that.
Analysis: Why is Michael Paris The Only Person Promoting This "Gaping Hole"?
It's literally true. Aside from Lockdown sellers who parrot Michael Paris' statements, I am unable to find any other person anywhere who promotes this "gaping hole" in terms anything like those used by Paris. The nearest one finds is the occasional sage advice or cautions issued by knowledgeable persons; usually accompanied by easy (and free) methods of avoiding misconfigured shares.
I can't account for Mr. Paris' state of mind; so I'll answer this only with questions: