Security Basics mailing list archives
RE: Wake-On-LAN security
From: Mike Fetherston <mike_sha () shaw ca>
Date: Wed, 12 Jul 2006 09:07:45 -0400
Hi Hylton and Chris, WOL works by sending a specially crafted packet to the NIC's MAC address. See this Wikipedia article for more information on how this works: http://en.wikipedia.org/wiki/Wake-on-LAN I've only seen WOL dis/enabled through the system BIOS. If it's a PCI card there is, more often than not, a cable that connects the PCI NIC to the motherboard. This is how the NIC can turn the PC on when WOL is enabled. If you don't see it in your BIOS then your system may not support WOL, or you may need a BIOS upgrade to see the option become available. Since this operates on Layer 2, it can be filtered by placing a Layer 3 device in front of the PC. Mike Fetherston
-----Original Message----- From: Hylton Conacher(ZR1HPC) [mailto:hylton () conacher co za] Sent: Tuesday, July 11, 2006 11:59 AM To: Security basics Subject: Re: Wake-On-LAN security Chris Largret wrote:On Fri, 2006-07-07 at 11:59 +0200, Hylton Conacher(ZR1HPC) wrote:What command or procedure could be used by a hacker coming through my ADSL connection into the switch to wake up machines plugged into the switch that have Wake-On-LAN nics? How could I prevent the machines from waking up, besides turning off the switch or unplugging the network cable?I'm not familiar with the process of remotely turning on computers over the LAN (never had the need to), but I have had the ability to enable/disable it in most of my system BIOSs. That would be the first place to check.Thanks Chris, I'll have a look in the BIOS. The NIC is however a PCI unit by Genius (model GF100YXR4). When I hardware installed the card I cannot remember seeing any switches or toggles. If I don't come right on finding a solution in the BIOS, I rever to the list as the OS is SuSE 9.2 on which I am an almost total newbie to the command line. Tnx Hylton P.S: I am subscribed to the security basics list so no need to Cc me. -- ======================================================================== Currently using SuSE 9.2 Professional with KDE and Mozilla 1.7.2 Linux user # 229959 at http://counter.li.org ======================================================================== -------------------------------------------------------------------------- - This list is sponsored by: SensePost Hacking, like any art, will take years of dedicated study and practice to master. We can't teach you to hack. But we can teach you what we've learned so far. Our courses are honest, real, technical and practical. SensePost willl be at Black Hat Vegas in July. To see what we're about, visit us at: http://www.sensepost.com/training.html -------------------------------------------------------------------------- -
--------------------------------------------------------------------------- This list is sponsored by: SensePost Hacking, like any art, will take years of dedicated study and practice to master. We can't teach you to hack. But we can teach you what we've learned so far. Our courses are honest, real, technical and practical. SensePost willl be at Black Hat Vegas in July. To see what we're about, visit us at: http://www.sensepost.com/training.html ---------------------------------------------------------------------------
Current thread:
- Wake-On-LAN security Hylton Conacher(ZR1HPC) (Jul 07)
- RE: Wake-On-LAN security David Gillett (Jul 10)
- Re: Wake-On-LAN security Chris Largret (Jul 10)
- Re: Wake-On-LAN security Hylton Conacher(ZR1HPC) (Jul 12)
- Re: Wake-On-LAN security Andre Gagne (Jul 10)
- Re: Wake-On-LAN security Brandino Andreas (Jul 11)
- <Possible follow-ups>
- RE: Wake-On-LAN security Mike Fetherston (Jul 12)
- Re: Re: Wake-On-LAN security blank (Jul 12)
- Re: Wake-On-LAN security Hylton Conacher(ZR1HPC) (Jul 17)