Home page logo
/

basics logo Security Basics mailing list archives

RE: Wake-On-LAN security
From: Mike Fetherston <mike_sha () shaw ca>
Date: Wed, 12 Jul 2006 09:07:45 -0400

Hi Hylton and Chris,

WOL works by sending a specially crafted packet to the NIC's MAC address.
See this Wikipedia article for more information on how this works:
http://en.wikipedia.org/wiki/Wake-on-LAN

I've only seen WOL dis/enabled through the system BIOS.  If it's a PCI card
there is, more often than not, a cable that connects the PCI NIC to the
motherboard.  This is how the NIC can turn the PC on when WOL is enabled.
If you don't see it in your BIOS then your system may not support WOL, or
you may need a BIOS upgrade to see the option become available.

Since this operates on Layer 2, it can be filtered by placing a Layer 3
device in front of the PC.

Mike Fetherston


-----Original Message-----
From: Hylton Conacher(ZR1HPC) [mailto:hylton () conacher co za]
Sent: Tuesday, July 11, 2006 11:59 AM
To: Security basics
Subject: Re: Wake-On-LAN security

Chris Largret wrote:
On Fri, 2006-07-07 at 11:59 +0200, Hylton Conacher(ZR1HPC) wrote:

What command or procedure could be used by a hacker coming through my
ADSL connection into the switch to wake up machines plugged into the
switch that have Wake-On-LAN nics?

How could I prevent the machines from waking up, besides turning off the
switch or unplugging the network cable?

I'm not familiar with the process of remotely turning on computers over
the LAN (never had the need to), but I have had the ability to
enable/disable it in most of my system BIOSs. That would be the first
place to check.
Thanks Chris, I'll have a look in the BIOS. The NIC is however a PCI
unit by Genius (model GF100YXR4). When I hardware installed the card I
cannot remember seeing any switches or toggles.

If I don't come right on finding a solution in the BIOS, I rever to the
list as the OS is SuSE 9.2 on which I am an almost total newbie to the
command line.

Tnx
Hylton
P.S: I am subscribed to the security basics list so no need to Cc me.
--
========================================================================
Currently using SuSE 9.2 Professional with KDE and Mozilla 1.7.2
Linux user # 229959 at http://counter.li.org
========================================================================


--------------------------------------------------------------------------
-
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and
practice to master. We can't teach you to hack. But we can teach you
what we've learned so far. Our courses are honest, real, technical
and practical. SensePost willl be at Black Hat Vegas in July. To see
what we're about, visit us at:

http://www.sensepost.com/training.html
--------------------------------------------------------------------------
-




---------------------------------------------------------------------------
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and
practice to master. We can't teach you to hack. But we can teach you
what we've learned so far. Our courses are honest, real, technical
and practical. SensePost willl be at Black Hat Vegas in July. To see
what we're about, visit us at:

http://www.sensepost.com/training.html
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]