Solved

Security question about "Boot on Lan Technology"

Posted on 2004-04-24
4
2,268 Views
Last Modified: 2010-04-11
  My institution is considering using "Boot on Lan Technology" is there any security problems with that? Whats to keep someone from booting computers on the network. If I goto freshmeat.net i can download software that boots computers for free and so can someone that i don't want to. Is the special packet that wakes a computer up configurable?

  I'm not looking for a answer pertaining to the security of the entire network nor it's machines no matter how justified you might think it is. Which means im not awarding points for these types of answers.
0
Comment
Question by:Fubyou
  • 3
4 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909645
The basic security of wake-on-lan technology is the knowledge of the MAC adderss, that's it. USUALLY there is no password, you just have to have the MAC address correct. Sometimes you need both MAC and IP, others have added a password in addtion to the IP and MAC address. Your BIOS must support the feature first, then your NIC.
http://support.intel.com/support/network/adapter/pro100/sb/cs-008438.htm
http://support.intel.com/support/network/sb/CS-008459.htm#1 (no password required)
http://www.amd.com/us-en/ConnectivitySolutions/TechnicalResources/0,,50_2334_2481,00.html

There isn't much as far as authentication with respect to WOL... but it would take you a long time to brute-force a bunch of MAC address's to get one right. The NIC's don't answer regular boadcast's when the PC is powered off, they do listen, and that's how they pick-up the WOL packet. So someone can't sniff your network and get MAC address's while the PC's are off.
http://www.ciol.com/content/search/showarticle1.asp?artid=38876

But if they did manage to boot the a pc or server, then they could start to work on those boxes...
GL!
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909694
To clarify, look at different NIC verdors to see if one offers more security than another.
This is the process...
A Magic Packet is simply a UDP packet with a specific sequence of bytes. The sequence is a 6 byte synchronization byte sequence (0xFFFFFFFFFFFF), followed by the primary network cards Physical Addresses (MAC address) repeated 16 times in sequence, for the machine you are attempting to wake up.  After building this packet we then broadcast it to a local subnet.

Still I was unable to find any of the popular NIC providers that offered a password for wak-on-lan...
intel,amd,3com,linksys,dell etc...
-rich
0
 
LVL 2

Expert Comment

by:Phill_upson
ID: 10938727
Whilst using network boot doesn't require an initial password all you really have access to is the wiring and to see that other kit exists (no less secure than someone plugging their laptop into a spare socket on the wall).  Whatever you are booting over the network, which as commented before would need a matching MAC address, would normally be your standard OS anyway, requiring the user to login before accessing resources.  I have to say I haven't seen an attack use lan boot as an access method, coupled with this, the machine would need matching hardware to boot successfully anyway due to the drivers for the hardware.

Hope this helps
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 10938954
True, it appears that physical security is necessary, but should someone be able to get in your lan from outside,  a backdoor, a trojan, P2P exploit, hacking etc... they could install the WOL software. I've never seen anyone do it however, most PC's are left on after hours, or the majority of them are, typically because users aren't told to turn them off, or to roll out updates to the PC's. You can inforce both... you can schedule a task to run to shut down PC's after hours, in addtion you can specify Log-On hours so that no one could try to log on pc's after hours, but the PC's can be booted or remain booted "after hours". Windows Shutdown.exe can easily be scripted to send the "shutdown" command to IP's that you specify, in what ever time frame you specify, every five minutes, every hour etc...  But as said before, it's typically overlooked, and or not done often- the WOL that is.
-rich
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question