Vista feature exposes beta machines

Iria · Aug 18, 2005, 10:59 PM

Windows Vista beta testers have stumbled upon a networking feature in the operating system that could pose a security risk to them, but they say they're not worried.

After installing the first beta release of the upcoming Windows client, some testers noticed suspicious network traffic to their machines. Concerned about a possible attack, these people last week contacted the SANS Internet Storm Center.

"There was very curious traffic that did not match anything that they had seen before," said George Bakos, a security expert at the Institute for Security Technology Studies at Dartmouth College who is associated with SANS. "The concern was that this may be some new type of attack, or somebody scanning for a vulnerability we were unaware of."

The traffic was coming from computers on the Internet that, as far as the testers knew, were not supposed to be communicating with the beta machines. "It was anomalous to everything they were aware was going on," Bakos said.

After investigating the traffic for SANS, Bakos found the culprit: a peer-to-peer networking feature that is turned on by default in Vista Beta 1, released last month. The feature uses a new version of Microsoft's peer name resolution protocol (PNRP) and connects to other beta machines as soon as an Internet connection is available, he said.

That default turn-on could expose the testers' machines to some security risks, Bakos said.
__________
Read More / Source: ZDNet

The_Neon_Cowboy · Aug 18, 2005, 11:08 PM

ROFL @ MS, I'm sure RIAA is watching very closely after hereing the term "peer to peer"

Aug 18, 2005, 10:59 PM	#1
Iria DriverHeaven Extreme Member Join Date: Apr 2004 Posts: 7,275 Rep Power: 89	Vista feature exposes beta machines Windows Vista beta testers have stumbled upon a networking feature in the operating system that could pose a security risk to them, but they say they're not worried. After installing the first beta release of the upcoming Windows client, some testers noticed suspicious network traffic to their machines. Concerned about a possible attack, these people last week contacted the SANS Internet Storm Center. "There was very curious traffic that did not match anything that they had seen before," said George Bakos, a security expert at the Institute for Security Technology Studies at Dartmouth College who is associated with SANS. "The concern was that this may be some new type of attack, or somebody scanning for a vulnerability we were unaware of." The traffic was coming from computers on the Internet that, as far as the testers knew, were not supposed to be communicating with the beta machines. "It was anomalous to everything they were aware was going on," Bakos said. After investigating the traffic for SANS, Bakos found the culprit: a peer-to-peer networking feature that is turned on by default in Vista Beta 1, released last month. The feature uses a new version of Microsoft's peer name resolution protocol (PNRP) and connects to other beta machines as soon as an Internet connection is available, he said. That default turn-on could expose the testers' machines to some security risks, Bakos said. __________ Read More / Source: ZDNet

Aug 18, 2005, 11:08 PM	#2
The_Neon_Cowboy HardwareHeaven Extreme Member Join Date: Dec 2002 Location: U.S.A. Posts: 16,009 Rep Power: 92 System Specs	ROFL @ MS, I'm sure RIAA is watching very closely after hereing the term "peer to peer" __________________