Peeping Through Port 139

I couldn't believe it. There, before me on my computer screen, was a directory filled with family photos, labeled by name. I could have looked at pictures of these folks if I'd cared to. It wasn't my family, though, and these photos weren't on my computer. I had no idea whose computer they were on, but I guessed it was someone in my apartment building, and that they hadn't a clue I was spying on them.

Many of us here in my building get Internet access through cable modems. Few know of the security risks. Now that high-speed access to the Internet can be had through cable and digital subscriber lines (DSL), security holes are easier to exploit. They're easy to fix too, but few are, probably because few people know about the breaches in the first place. Certainly, the cable guy who hooked me up never told me that Windows, in effect, offers an Internet party line to my hard drive. I'm guessing that at least three of my neighbors weren't informed either.

How easy is it to tap into a neighbor's computer if it isn't secured properly? Insanely easy, I learned after a recent night of experimenting. It doesn't take any networking savvy -- just the right program and some anti-social attitude.

One such program is called SMBScanner. It took me about 10 minutes to find on the Internet. Like a police scanner monitoring many frequencies, this software rolls through Internet-protocol (IP) numbers (Internet addresses of nine digits separated by periods, the online equivalent to phone numbers), checking for open ports on computers. Now, a cable company like the one I use usually reserves blocks of successive IP numbers for customer use. So I figured my neighbors would have numbers nearly identical to mine, probably varying only in the last two digits. SMBScanner paid a visit to each of these addresses, checking to see if port 139 -- the connection point computers often use to network with one another -- was open. Within minutes, it found three.

From there, it was just a matter of employing the operating system's user-friendly ability to "map" another computer's hard drive to its own file system. This was a snap, given that two of the three computers had no password protection whatsoever. One poor user actually had a printer online. I pondered printing him or her a page reading YOU'VE BEEN HACKED! But what good would such a missive be if I couldn't enjoy the other person's surprise upon receiving it? Anyway, it was probably best to remain in stealth mode for this fact-finding mission. So I mapped someone else's C drive instead, giving me access to its contents. And that's when I found the directory named "Family Photos."

That's also when I chickened out. I couldn't nerve myself up to actually look at any of the snapshots. I felt guilty enough already for having snooped this far. So I disconnected. My point was made. I didn't actually want to peer into somebody else's computer; I just wanted to see if I could do it.

Anyone who has a high-speed Internet connection (and wants to avoid having done to them what I nearly did to my neighbors) should take the ShieldsUp security test offered by the Gibson Research Corp. (GRC, grc.com), run by computer guru Steve Gibson. It's where I learned about these vulnerabilities. GRC's Web site tests your computer to see what ports it can wiggle into. It's an eyeopener.

How does this happen? It's a weird amalgamation of factors, a snafu that only surfaces when home networking, dedicated Internet lines, and people's steadfast refusal to use passwords are combined.

Start with someone tying two computers together. According to GRC, when "Microsoft's networking client is installed, a default setting which would have protected many millions of computers if it were normally set to 'off' is instead set to 'on.'" Upshot? A home network is left open to the entire Internet. What is odd about this is that it is totally unnecessary. This option was set to "on" only to save Microsoft in customer-service calls, the Gibson site contends.