Reporter Packet Storm
`ISS products are meant to be used in a defensive role. Here we will look at
using them in an offensive role.
===Please note that the writer has NO responsibility for YOUR actions with
this === ===information! I did not make you do it. I just made you aware it
COULD be done.===
Internet Scanner and the Real Secure products can both be used to create a
DoS type attack on unsuspecting networks. Here is what a would-be attacker
would need to conduct such an attack:
Visit http://crack.21m.net/ and obtain the key generator for ISS products.
Cut your key to include the range of IP addresses, which you wish to use the
products against. (Or just make one "God" key by making the range
Install the product and drop the newly created key in the directory. Now
your ready to go to work. Note: You may want to install the latest Xpress
updates before you begin. Having the latest and greatest exploits and
vulnerabilities in the product increases your chances of finding one that
your target is vulnerable to.
Having ISS Internet Scanner on a laptop could work wonders. For instance,
have physical access to a network. Plug yourself in. Now let Internet
Scanner run DoS attacks against the entire network. Or set up policies in
Real Secure that restrict net bios traffic if it is a Windows network
environment. Or maybe stop all traffic to website you hate by blocking HTTP
traffic from any host to your target (website). Remotely a person could look
up a domain on the Internet, grab its IP address, remotely check for its
Operating System, and Web server application and let Internet Scanner run
Keep in mind that these products will not spoof the source IP address that
the attacks are coming from. There are only a couple of "checks"(attacks)
that spoof the source address of the attack. Although in Real Secure killing
TCP connections are a bit harder to trace than a teardrop attack from
There are a number of ways that these products could be used in an offensive
manner. This is in no way an all-inclusive listing.