Windows ICS Attack Can Bring Down Firewall

Author
Aron Schatz
Posted
October 31, 2006
Views
2173

Page All:

Page 1
This is not that big of a deal for most people, but if you are running internet connection sharing it may be. Move to a router.

Quote

The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN.) It is typically used by home and small-business users. The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc., who has blogged about the issue.

Title

Medium Image View Large