Results 1 to 9 of 9

Thread: Windows reboots- vulnerability?

  1. #1
    Junior Member Shaamaan's Avatar
    Join Date
    Dec 2007
    Posts
    34

    Default Windows reboots- vulnerability? [SOLVED]

    OK, the problem turned out to be system related, and not BT / pentesting related.

    I KNOW this forums is about BT... but it's also filled with people who know a lot more about security then I do, and frankly, I didn't know where else to turn. Besides, this IS pentesting, right?

    Here's the full story:
    I was playing around with Ettercap in Backtrack, trying to get it to capture user/pass info from my other computer (Windows XP), when I discovered that the firewall on that computer was smart enough to 'protect' against spoofing. So I turned if off, to see what would happen. Indeed, Ettercap then worked.

    However, soon after that, the PC suddenly, without any warning whatsoever, rebooted (only 'notable' thing about it was a very slight noise coming from the speakers).

    I checked again: every time I'd turn the firewall off, the computer would reboot a short moment later. I've turned DMZ off on my router (it was forwarding everything to my PC), and the problem stopped. EDIT: After more tests, it seems that it happens even with the DMZ turned off.

    Then I turned DMZ on for my laptop (dual boot Windows XP and BackTrack3), and turned the firewall off there, and this time, nothing happened; laptop kept on running.

    So, something must be wrong with my PC. Now, since any changes to the DMZ cause my router to reboot, and since I have a dynamic IP, I doubt that I am 'the' target of some attack... more likely (if this IS an attack), it's set against a whole range of addresses. But the thing I want to know: is this some kind of vulnerability, or just some system screw-up which causes it to reboot (unintentionally)? And, most importantly, how can I try to pinpoint the problem (or better yet, fix it)?

    I should also note that I keep my system up to date with all the updates, and I already checked antivirus.

    PS. Of course the obvious thing is NOT to turn the firewall for the time being, but that still leaves something wrong with the system itself.

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Check your fire wall logs and see what kinds of things are hitting it. Watch the traffic with Wireshark or something similar to see what kinds of packets are hitting your machine. You might find what's doing it.

    Other than that, it sounds like you have a flakey machine.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Moving this to a more appropriate section.

  4. #4
    Junior Member Shaamaan's Avatar
    Join Date
    Dec 2007
    Posts
    34

    Default

    Since I see this is still active, I can safely say that this turned out to be unrelated to network packets. The system still reboots when, for example, the wifi card is turned off, or the router has no WLAN connection.

    So despite the initial feeling of "oh shit, I've got a backdoor/exploit/hole in my system", it's a system issue.

    Also, whatever is causing this, is also probably responsible for preventing me from running safe mode with networking. It boots up, the friendly "system is now in safe mode bla bla bla" message appears, and after any answer it just hangs there. I can Ctrl-Alt-Del into Task Manager, but that's about it.

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Shaamaan View Post
    Since I see this is still active, I can safely say that this turned out to be unrelated to network packets. The system still reboots when, for example, the wifi card is turned off, or the router has no WLAN connection.

    So despite the initial feeling of "oh shit, I've got a backdoor/exploit/hole in my system", it's a system issue.

    Also, whatever is causing this, is also probably responsible for preventing me from running safe mode with networking. It boots up, the friendly "system is now in safe mode bla bla bla" message appears, and after any answer it just hangs there. I can Ctrl-Alt-Del into Task Manager, but that's about it.
    /Canned Help Desk Response

    Re-install Windows.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Junior Member Shaamaan's Avatar
    Join Date
    Dec 2007
    Posts
    34

    Default

    I'm saving that for last. :P

  7. #7
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Bad Ram, Bad Hard Drive, Something Overheating, Effed Up Windows Files, The list can go on and on.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  8. #8
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by spankdidly View Post
    Bad Ram, Bad Hard Drive, Something Overheating, Effed Up Windows Files, The list can go on and on.
    ...sunspots, faulty flenkman valve, corrupt muffler bearing, peanut butter in the floppy drive.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #9
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Quote Originally Posted by streaker69 View Post
    ...sunspots, faulty flenkman valve, corrupt muffler bearing, peanut butter in the floppy drive.
    Grumpy Trolls, Fart Tickles, Unthreaded Hair Dryer, Matchheads and Sand Paper in a floppy disk, Deftones, Unmarked Police Cars, Giblets = http://mcraigweaver.com/Recipes/GibletsInPot.JPG

    Could be anything.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •