Does Your Computer Suffer from Unsightly Data Seepage?

If you find this useful please share it!

Does your computer suffer from embarrassing data seepage? Or, perhaps, even compromising data seepage? That’s the conclusion that two researchers came to when analyzing what our wifi-enabled laptops tell the world whenever we turn them on in public. Fortunately, these researchers have created a program to ferret out that data seepage, a program named, aptly enough, Ferret.

According to David Maynor and Robert Graham of Errata Security, every time you turn on your wifi-enabled computer, you are either intentionally or accidentally telling the network world far more than you probably intended. This is due to, according to Errata, programs that are set to autostart, your computer looking for resources like shared drives and local network resources upon boot up or waking up, the settings on email clients, and instant messaging clients.

Things that can seep, they say, include “Wifi packets, DHCP Broadcast. NetBIOS/SMB Broadcast and DNS/Bonjour Requests.” Their software, Ferret, is designed to show you exactly what data your computer is seeping out to the world.

 

In their presentation, which is online, they give this example:

“When a wifi enabled laptop starts up it will look for a list ok “known networksâ€? or networks it has connected to before. This list can be used to determine where the laptop has been used.”

Why does that matter? Who cares if someone knows where your laptop has been used?

Well, here’s an example that Errata gives of the kind of data that an ordinary person’s ordinary laptop can seep, and what can be gleaned from the information:

“A machine with the Mac Address of 00-18-f3-57-24BD belongs to John Smith.

Read Internet Patrol Articles Right in Your Inbox
as Soon as They are Published! Only $1 a Month!

Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Does Your Computer Suffer from Unsightly Data Seepage?
Or get notified of new Internet Patrol articles for free!

This laptop has connected to wifi access point at Hartsfield airport, Heathrow, SeaTac, and various T-Mobile spots, and ABCsoft and XYZsoft.

John has the AIM name “PrschDude9� and has XYZsoft1 on his buddy list.

He uses a popclient to check his personal email and his passwd is porsche911turbo.

John works for ABCsoft because his browsers attempts to go to internal.abcsoft.com when it first starts up.

It also attempts to connect to \internal.abcsoft.com\sales and \internal.abcsoft.com\public on start up.

He has a myspace account where he had pics of the last company party

So what can you determine about this if you know ABCsoft and XYZsoft are bitter rivals?

Sounds like a merger or buyout.

Since you know Johns pop password you can try it against ABCsoft’s webmail client, he might use the same password.

Social Engineering – “Hey wasn’t that a horrible shirt John was wearing at the last company party…run this program to update your accounting software.�

You know portions of the internal layout of the ABCsoft intranet.

Make trojans and client side exploits more efficient because you have a target to attack. ”

Their Ferret code appears to be still in the very baby beta stages, and they allude to as much on their site. Still, if you are geek enough and want to try running the code, you can get it from their website at ErrataSec.com

 

You can see their presentation here.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money.That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?Thank you!

Does Your Computer Suffer from Unsightly Data Seepage?

Get notified of new Internet Patrol articles!

If you find this useful please share it!

2 Replies to “Does Your Computer Suffer from Unsightly Data Seepage?”

  1. This has nothing to do with the above story. I was surfing your site and ran across a “get rich quick” article about finding only two bona fide sites, one which involved typing ads from home. I was interrupted, lost the article, and cannot find it anywhere now. Can you send me a link to the article? I’m really interested; otherwise I would not bother you. Thank you.

  2. Great post and very interesting information. I’m going to try that code out on my notebook and see what it comes up with.

Leave a Reply

Your email address will not be published. Required fields are marked *