{"type": "packetstorm", "published": "2000-05-02T00:00:00", "reporter": "Packet Storm", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "1e53d18422edef1edcacceb794bb78b8"}, {"key": "modified", "hash": "50a884e1807d9c1d6a339d0b44bd608f"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "50a884e1807d9c1d6a339d0b44bd608f"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "7e63640ffbb0546f3e2929f550c8818d"}, {"key": "sourceData", "hash": "9ba71a6ecf128c410feca1db9869a9a3"}, {"key": "sourceHref", "hash": "3869cff5e8c88c45532f932859c92b95"}, {"key": "title", "hash": "e23451584b03b76791154fc69c75a139"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`ISS products are meant to be used in a defensive role. Here we will look at \nusing them in an offensive role. \n \n===Please note that the writer has NO responsibility for YOUR actions with \nthis === ===information! I did not make you do it. I just made you aware it \nCOULD be done.=== \n \n \nInternet Scanner and the Real Secure products can both be used to create a \nDoS type attack on unsuspecting networks. Here is what a would-be attacker \nwould need to conduct such an attack: \nISS product. \nVisit http://crack.21m.net/ and obtain the key generator for ISS products. \nCut your key to include the range of IP addresses, which you wish to use the \nproducts against. (Or just make one \"God\" key by making the range \n0.0.0.0-255.255.255.255) \nInstall the product and drop the newly created key in the directory. Now \nyour ready to go to work. Note: You may want to install the latest Xpress \nupdates before you begin. Having the latest and greatest exploits and \nvulnerabilities in the product increases your chances of finding one that \nyour target is vulnerable to. \nScenarios: \nHaving ISS Internet Scanner on a laptop could work wonders. For instance, \nhave physical access to a network. Plug yourself in. Now let Internet \nScanner run DoS attacks against the entire network. Or set up policies in \nReal Secure that restrict net bios traffic if it is a Windows network \nenvironment. Or maybe stop all traffic to website you hate by blocking HTTP \ntraffic from any host to your target (website). Remotely a person could look \nup a domain on the Internet, grab its IP address, remotely check for its \nOperating System, and Web server application and let Internet Scanner run \nagainst it. \n \nKeep in mind that these products will not spoof the source IP address that \nthe attacks are coming from. There are only a couple of \"checks\"(attacks) \nthat spoof the source address of the attack. Although in Real Secure killing \nTCP connections are a bit harder to trace than a teardrop attack from \nInternet Scanner. \n \nThere are a number of ways that these products could be used in an offensive \nmanner. This is in no way an all-inclusive listing. \n \n`\n", "viewCount": 2, "history": [], "lastseen": "2016-11-03T10:26:18", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/17759/ISS.txt.html", "sourceHref": "https://packetstormsecurity.com/files/download/17759/ISS.txt", "title": "ISS.txt", "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2016-11-03T10:26:18"}, "dependencies": {"references": [], "modified": "2016-11-03T10:26:18"}, "vulnersScore": -0.4}, "references": [], "id": "PACKETSTORM:17759", "hash": "233b912d87facb52e0b89a39d8f03cf929eef040d66fb85928960b2edaabc4e1", "edition": 1, "cvelist": [], "modified": "2000-05-02T00:00:00", "description": ""}

{}