
ShareSniffer - Hacking for Dummies

by Nikola Strahija on March 15th, 2001


March 12, 2001 - In the wake of the Napster verdict, more and more alternatives to the popular music file swapping service are appearing on the Internet landscape. One new tool making waves among the file sharing community could give Windows users more than they bargained for. ShareSniffer is now available for download and may be waiting to invade your computer.

While ShareSniffer is just beginning to be marketed to the mainstream public, the concept behind it has been around for quite some time. Any Windows user who has an Internet connection can use Windows Explorer to connect to another IP address. The user can then access any exposed files at the target address.

ShareSniffer is a search tool that enables a user to find exposed Windows Explorer files across IP addresses; the results are then oftentimes posted on a Usenet news group. It will not make any attempt to connect to systems protected by a password or firewall. In fact, ShareSniffer claims that it is only uncovering shares on the Internet that "people have voluntarily exposed." With all that said, ShareSniffer is in fact a quick lesson in hacking that could take advantage of countless unwitting Windows users.

Let's get to the first problem. ShareSniffer claims that it uncovers shares that are "voluntarily" exposed to the Internet. While it is true that default settings on Windows Explorer do not allow the search tool to access system files, people are not necessarily purposely exposing those files to the Internet when they change system settings.

Right now it is becoming much more common for households to have more than one computer, so users will oftentimes disable default settings in order to more easily access files within the local network neighborhood. Combine this with the dramatic increase in the number of households switching over to cable modems, and suddenly you have a number of people who are not intentionally sharing files 24 hours a day for the masses to access.

With Windows being the overwhelmingly popular operating system used today, in part because of its simple concept, the threat that ShareSniffer poses increases because a number of Windows users may not be aware of what security measures to take to protect their systems.

This brings us to the question: What can a person using ShareSniffer do once they have access to these shared files? The answer is, anything. This is where ShareSniffer goes beyond the familiar territory that so many have ventured into with Napster. While Napster allows (or should we say allowed?) users to share files, it is only done with the knowledge of both users involved in the copying process. Moreover, it does not allow these files to be altered in any way.

ShareSniffer enables a user to modify or delete another user's files from Windows Explorer. Suddenly anybody with a computer can become a hacker. No longer does the term hacker conjure up the image of a person in a dark basement who is furiously pounding away at multiple keyboards while munching on Skittles and not sleeping for days.

Not surprisingly, this is where ShareSniffer, Inc. defers all liability. According to ShareSniffer's website, the tool "does not give you any way to manipulate shared files on any system. It only shows the files to you. If you want to manipulate them, it passes that task to your local operating system and you."

Now let's go back to the unwitting household. Even ShareSniffer admits that there may be a problem here. Co-founder Kerry Rogers says, "We're seeing stuff on the Usenet group that we don't necessarily want to see." However, Rogers believes that people will catch on to the threat as the tool becomes more widely known. "People will realize that they're going to be exposed."

This appears to be the "if you want to make an omelet, you're going to have to break a few eggs" approach. While people will eventually realize the security threat posed by ShareSniffer, the amount of harm that can be done right now is significant. Imagine living in a neighborhood where a number of houses are suddenly getting broken into. You would likely increase security at your own house. Of course, by then it is already too late for a number of people.

Preventing a hack via ShareSniffer is relatively simple. The easiest prevention is to go to your Windows Explorer properties and make sure that "not shared" is checked under the Sharing heading. If you are sharing files within a network, use a password to protect your files; ShareSniffer will not make an attempt to connect to a password-protected system. If you are interested in using firewalls to protect your system, more information is available at http://securityportal.com/articles/pf_main20001023.html.
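The same check can be scripted on a current Windows machine. The following is an added example, not part of the original article or of ShareSniffer: it lists user-created shares that grant access to broad principals rather than to named users. It assumes Windows 8 / Server 2012 or later (the SmbShare and NetConnection cmdlets), English account names, and an elevated prompt; the function name `Get-OpenShare` is hypothetical.

```powershell
# Added example: audit local SMB shares for grants to broad principals.
# Assumes the SmbShare module, English account names, and an elevated prompt.

# A grant to any of these is not tied to one specific user account.
$broad = 'Everyone', 'NT AUTHORITY\ANONYMOUS LOGON', 'BUILTIN\Guests', 'Guest'

function Get-OpenShare {
    # Skip administrative shares (C$, ADMIN$, IPC$); Windows flags them as Special.
    foreach ($share in Get-SmbShare | Where-Object { -not $_.Special }) {
        $grants = Get-SmbShareAccess -Name $share.Name |
            Where-Object { $_.AccessControlType -eq 'Allow' -and
                           ($broad -contains $_.AccountName -or
                            $_.AccountName -like '*\Guest') }
        foreach ($g in $grants) {
            [pscustomobject]@{
                Share    = $share.Name
                Path     = $share.Path
                Account  = $g.AccountName
                Right    = $g.AccessRight          # Read, Change or Full
                Writable = $g.AccessRight -ne 'Read'
            }
        }
    }
}

$open = @(Get-OpenShare)
if ($open.Count -eq 0) {
    'No user-created share grants access to a broad principal.'
} else {
    # Writable shares first: these are the ones where files can be altered or deleted.
    $open | Sort-Object Writable -Descending | Format-Table -AutoSize
}

# Sharing matters most on a network Windows classifies as Public,
# such as a machine connected directly to a cable modem.
Get-NetConnectionProfile |
    Where-Object NetworkCategory -eq 'Public' |
    ForEach-Object { "Interface '$($_.InterfaceAlias)' is on a Public network." }
```

A share reported here is still subject to file-system permissions and to whether the Guest account is enabled, so treat the output as a list of shares to review.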

If ShareSniffer denies any responsibility for malicious actions taken by its users, then who is liable? The Napster decision has already shown that the courts will rule against the company that provides the service. Other file swapping services (albeit ones that use a slightly different concept) such as Scour are already long gone.

Once a hacker gets caught illegally accessing files using ShareSniffer, who takes the blame? Well, there is no concrete answer, but history indicates that ShareSniffer will certainly see its share of lawsuits. Who was to blame for opening Pandora's Box? In this case, we see a whole new Pandora's Box being created just waiting for someone to come along and open it.

This brings us to one final question: If ShareSniffer is aware of the potential problems that will likely occur once (and if) it becomes more popular, why did they start distributing it in the first place? Well, your answer is as good as mine. I would say two things: fame and fortune.

First off, ShareSniffer is charging for the service after a seven-day trial period. They may, as Steve Miller put it, "Take the money and run." Second, controversy usually ends up in fame. Nobody knew who Shawn Fanning was until Napster took off. The creators may have decided that a tool like this was going to come out some day, so they might as well be the ones to benefit.

So how long will ShareSniffer be around? That is anybody's guess. That's not the real lesson here, though. There will no doubt be clones that arise even if ShareSniffer goes by the wayside. As hacking becomes easier, people are going to have to educate themselves on how to protect their systems. While people are quick to embrace the quickly improving technology, they also have a responsibility to be aware of all of the potential risks that come along with it.

Resources

ShareSniffer: http://www.sharesniffer.com/
Slashdot.org: http://slashdot.org/article.pl?sid=01/02/26/1610203&mode=thread
SecurityFocus: http://www.securityfocus.com/news/159
Personal Firewalls/Intrusion Detection Systems: http://securityportal.com/articles/pf_main20001023.html

from http://www.securityportal.com/articles/sharesniffer20010312.html

