That's the danger highlighted in a security advisory released on Wednesday by hacker-cum-security specialists L0pht Heavy Industries. The flaw affects Windows 95, 98 and 2000 as well as the SunOS and Solaris 2.6 running a network service known as the ICMP router discovery protocol, or IRDP, that determines the route computers use to connect to the Internet.
The result: An unauthorised user can intercept outgoing information, possibly modify unencrypted or lightly encrypted data, or deny service to the network. Except for the denial of service attack, the malicious programmer needs to be inside the network, stated the advisory. For cable modem users, however, an internal user could be anyone on the local loop -- a neighbour or someone on the next block. Since many cable-modem-based networks use the rerouting technology, users are left open to someone snooping their communications to the Internet.
In essence, another computer on the same network can be used to change the default path that packets take out to the Internet. By placing the address of their own server in the system, an attacker can look at all the outgoing packets of information.
While it's a bit of a one-sided conversation -- since incoming packets enter the network normally -- a great deal of information can be gleaned from the outgoing packets, possibly including passwords and credit cards numbers. The most worrisome part of the flaw on Microsoft Windows is that the operating system continues to be vulnerable even when the user believes they have closed the hole.
In a move long considered controversial, L0pht has decided to release the source code to the basics of a program that could exploit such a hole. However, L0pht did delay the release of the advisory at Microsoft's request, said one L0pht member, known by his handle Space Rogue, in an e-mail.
Microsoft and Sun Microsystems Inc. declined to offer comment while members of L0pht could not be contacted.
Take me to the ADSL Special
Take me to Hackers