Thursday, March 06, 2008

Broadband over mobile isn't exactly "safer"

Have been using and playing around with mobile broadband for the past few months. =D

If anyone says that mobile broadband is safer (in the sense that we're less exposed to the internet), let me highlight some things here (though these should be pretty logical/obvious) :

It's true that the IP addresses given are for "private addresses", meaning that the clients are in a segregated "protected" network. This is seen by the fact that the IP address leases are in the Class A network, but it does not stop other clients from accessing your computer directly, which is the important thing of note here.

Attached is the screenshot of my firewall events log, which has been showing similar hits all the time. First of all it shows that various clients have been trying to access my computer, though I've yet to figure out how do they know about my IP address, nor who are these clients.

The other thing of note is the frequency and range of ports that were logged. Tallied with the list of TCP/UDP ports...
  • 137-139 TCP/UDP, NetBIOS related services (not shown in the screenshot).
  • 1433 TCP/UDP, Microsoft SQL database system.
  • 135 TCP/UDP, Microsoft RPC Locator Service.
  • 445 TCP, Microsoft-DS (used for Active Directory; the channel for some Windows worms to propagate like Sasser)
  • 2967 TCP, Symantec AntiVirus Corporate Edition. (I'm not even running this! Unless the other client is?)
The bottomline (at the bottom of this post) is: If other network clients can access your computer directly, it is still possible for attacks to occur over the network. Running a (properly configured) client-side firewall would be a worthy investment of your time and effort ;)


Jason said...

Yes, it's always safest to assume that your machine is exposed to the public internet. I would guess that most networks with at least ten machines have at least one that is compromised.

GunBlad3 said...

Seeing how aware (or rather, not) people are about the computer systems they use, this wouldn't be surprising if it were true.

But it's no fault of the user though, it's the creators of the systems that should take the responsibility for this.