PureBasic Forums - English

I'm sure I read somewhere once that your PC's computer name (returned with the ComputerName() command) can be a security risk if other people know it. Is that true? I don't see how it can be, and surely more than one PC worldwide would have any given name.

Dude wrote:I'm sure I read somewhere once that your PC's computer name (returned with the ComputerName() command) can be a security risk if other people know it. Is that true? I don't see how it can be, and surely more than one PC worldwide would have any given name.

If an attacker gains access to a network this kind of information may aid them.

Only with RPC and SMB based attacks. There should be isolation on the switch anyway unless it's enterprise. I use the subnet mask to do subnet IP scans then arp and dns tricks to get the information and pipe it to different tools. I usually have to brute-force with up to date machines. If I get the admin pass over RPC I can run anything remotely.

Most quality routers have client isolation, optional UPNP, and DPI firewall. I have a SOHO SonicWall with these then also the built in OS firewall and a lot of sandboxing. It's easier than the internet suggests it is to make it hard even for a super-power to get remote code execution.

So if my computer name is "DUDE-WIN7" and I publish that online (like I just did here), can anyone hack into my PC or do anything with that info to attack my PC? That's what I read, but technically I don't see how. Is the name linked to a specific IP address or something, that they can search for and/or reverse-engineer?

If only the Internet router is not totally distorted, is not a problem.

The computer names are not visible on the Internet and are required in the intranet for sharing folders and printers.

So:
- Router Ok
- Virus Protection Ok
- Firewalls ok
- OS system is up-to-date

no problem

You confuse the accesses from the Internet and Intranet

computer names only matter behind the NAT and malware can just scan the subnet there using the subnet mask. Local-firewall SMB and RPC ports. I think they are like 138,135,445, and 5357 TCP.

A router or switch with client-isolation saves you the trouble.. They aren't that rare.

Well... in total any your info (if it is true) is a "security risk"

Comp name can tell something interesting about owner in some cases, except what said already ("technically" it is usable in LAN mainly, not much dangerous and can easily post it anywhere. My PC is named "SUPERSONIC-II" for example )

One day there will be super-scary headlines about MAC addresses and mass-surveillance on LAN, WWAN, WAN, PAN etc..

Most people don't know governments are pretty much handed databases by NIC manufacturers world wide..