Windows reboots- vulnerability? [SOLVED]
OK, the problem turned out to be system related, and not BT / pentesting related.
I KNOW this forums is about BT... but it's also filled with people who know a lot more about security then I do, and frankly, I didn't know where else to turn. Besides, this IS pentesting, right?
Here's the full story:
I was playing around with Ettercap in Backtrack, trying to get it to capture user/pass info from my other computer (Windows XP), when I discovered that the firewall on that computer was smart enough to 'protect' against spoofing. So I turned if off, to see what would happen. Indeed, Ettercap then worked.
However, soon after that, the PC suddenly, without any warning whatsoever, rebooted (only 'notable' thing about it was a very slight noise coming from the speakers).
I checked again: every time I'd turn the firewall off, the computer would reboot a short moment later. I've turned DMZ off on my router (it was forwarding everything to my PC), and the problem stopped. EDIT: After more tests, it seems that it happens even with the DMZ turned off.
Then I turned DMZ on for my laptop (dual boot Windows XP and BackTrack3), and turned the firewall off there, and this time, nothing happened; laptop kept on running.
So, something must be wrong with my PC. Now, since any changes to the DMZ cause my router to reboot, and since I have a dynamic IP, I doubt that I am 'the' target of some attack... more likely (if this IS an attack), it's set against a whole range of addresses. But the thing I want to know: is this some kind of vulnerability, or just some system screw-up which causes it to reboot (unintentionally)? And, most importantly, how can I try to pinpoint the problem (or better yet, fix it)?
I should also note that I keep my system up to date with all the updates, and I already checked antivirus.
PS. Of course the obvious thing is NOT to turn the firewall for the time being, but that still leaves something wrong with the system itself.
Check your fire wall logs and see what kinds of things are hitting it. Watch the traffic with Wireshark or something similar to see what kinds of packets are hitting your machine. You might find what's doing it.
Other than that, it sounds like you have a flakey machine.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Moving this to a more appropriate section.
Since I see this is still active, I can safely say that this turned out to be unrelated to network packets. The system still reboots when, for example, the wifi card is turned off, or the router has no WLAN connection.
So despite the initial feeling of "oh shit, I've got a backdoor/exploit/hole in my system", it's a system issue.
Also, whatever is causing this, is also probably responsible for preventing me from running safe mode with networking. It boots up, the friendly "system is now in safe mode bla bla bla" message appears, and after any answer it just hangs there. I can Ctrl-Alt-Del into Task Manager, but that's about it.
/Canned Help Desk ResponseOriginally Posted by Shaamaan
Re-install Windows.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
I'm saving that for last. :P
Bad Ram, Bad Hard Drive, Something Overheating, Effed Up Windows Files, The list can go on and on.
I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!
...sunspots, faulty flenkman valve, corrupt muffler bearing, peanut butter in the floppy drive.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Grumpy Trolls, Fart Tickles, Unthreaded Hair Dryer, Matchheads and Sand Paper in a floppy disk, Deftones, Unmarked Police Cars, Giblets = http://mcraigweaver.com/Recipes/GibletsInPot.JPG
Could be anything.
I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!
Posting Permissions
