The Net View Command

Now let's have some serious fun. Netscape (or any browser or ftp program) uses TCP/IP to connect. What happens if we use NetBIOS instead to try to download files from Oldguy's ftp server?

Let's try some more NetBIOS commands:

C:\>net view \\10.0.0.2
System error 53 has occurred.

The network path was not found.

I got this message because my firewall blocked access to Oldguy, giving the message:

The firewall has blocked Internet access to 10.0.0.2 (TCP Port 445) from your computer [TCP Flags: S].

There's a good reason for this. My firewall/IDS is trying to keep me from carelessly making my computer a part of some stranger's LAN. Keep in mind that NetBIOS is a two-way street. However, I want to run this command, so I shut down Zone Alarm and give the command again:

C:\>net view \\10.0.0.2
Shared resources at \\10.0.0.2

Share name Type Used as Comment

--------------------------------------------------------
ftproot Disk
InetPub Disk
wwwroot Disk
The command completed successfully.

This is a list of shared directories. Oooh, look at that, the ftp server is shared. Does this mean I can get in? When setting shares on a Windows NT server, the default choice is to allow access to read, write and delete files to everyone. So sometimes a sysadmin carelessly fails to restrict access to a share.

What is really important is that we didn't need a user name or password to get this potentially compromising information.

Let's establish an anonymous connection to Oldguy, meaning we connect without giving it a user name or password:

C:\>net use \\10.0.0.2\ipc$
Local name
Remote name \\10.0.0.2\IPC$
Resource type IPC
Status OK
# Opens 0
# Connections 1
The command completed successfully.

We are connected!

**********************
Newbie note: IPC (ipc$) stands for "Inter Process Connector", used to set up connections across a network between Windows computers using NetBIOS.
**********************