Solved

Security question about "Boot on Lan Technology"

Posted on 2004-04-24
4
2,260 Views
Last Modified: 2010-04-11
  My institution is considering using "Boot on Lan Technology" is there any security problems with that? Whats to keep someone from booting computers on the network. If I goto freshmeat.net i can download software that boots computers for free and so can someone that i don't want to. Is the special packet that wakes a computer up configurable?

  I'm not looking for a answer pertaining to the security of the entire network nor it's machines no matter how justified you might think it is. Which means im not awarding points for these types of answers.
0
Comment
Question by:Fubyou
  • 3
4 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909645
The basic security of wake-on-lan technology is the knowledge of the MAC adderss, that's it. USUALLY there is no password, you just have to have the MAC address correct. Sometimes you need both MAC and IP, others have added a password in addtion to the IP and MAC address. Your BIOS must support the feature first, then your NIC.
http://support.intel.com/support/network/adapter/pro100/sb/cs-008438.htm
http://support.intel.com/support/network/sb/CS-008459.htm#1 (no password required)
http://www.amd.com/us-en/ConnectivitySolutions/TechnicalResources/0,,50_2334_2481,00.html

There isn't much as far as authentication with respect to WOL... but it would take you a long time to brute-force a bunch of MAC address's to get one right. The NIC's don't answer regular boadcast's when the PC is powered off, they do listen, and that's how they pick-up the WOL packet. So someone can't sniff your network and get MAC address's while the PC's are off.
http://www.ciol.com/content/search/showarticle1.asp?artid=38876

But if they did manage to boot the a pc or server, then they could start to work on those boxes...
GL!
-rich
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909694
To clarify, look at different NIC verdors to see if one offers more security than another.
This is the process...
A Magic Packet is simply a UDP packet with a specific sequence of bytes. The sequence is a 6 byte synchronization byte sequence (0xFFFFFFFFFFFF), followed by the primary network cards Physical Addresses (MAC address) repeated 16 times in sequence, for the machine you are attempting to wake up.  After building this packet we then broadcast it to a local subnet.

Still I was unable to find any of the popular NIC providers that offered a password for wak-on-lan...
intel,amd,3com,linksys,dell etc...
-rich
0
 
LVL 2

Expert Comment

by:Phill_upson
ID: 10938727
Whilst using network boot doesn't require an initial password all you really have access to is the wiring and to see that other kit exists (no less secure than someone plugging their laptop into a spare socket on the wall).  Whatever you are booting over the network, which as commented before would need a matching MAC address, would normally be your standard OS anyway, requiring the user to login before accessing resources.  I have to say I haven't seen an attack use lan boot as an access method, coupled with this, the machine would need matching hardware to boot successfully anyway due to the drivers for the hardware.

Hope this helps
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 10938954
True, it appears that physical security is necessary, but should someone be able to get in your lan from outside,  a backdoor, a trojan, P2P exploit, hacking etc... they could install the WOL software. I've never seen anyone do it however, most PC's are left on after hours, or the majority of them are, typically because users aren't told to turn them off, or to roll out updates to the PC's. You can inforce both... you can schedule a task to run to shut down PC's after hours, in addtion you can specify Log-On hours so that no one could try to log on pc's after hours, but the PC's can be booted or remain booted "after hours". Windows Shutdown.exe can easily be scripted to send the "shutdown" command to IP's that you specify, in what ever time frame you specify, every five minutes, every hour etc...  But as said before, it's typically overlooked, and or not done often- the WOL that is.
-rich
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
ports for sccm 2012 1 64
DDOS against DYN 9 86
Cheap SSL Certificates 3 59
Windows 2012R server restarting mysteriously 9 65
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now