Subject: [NEWS] Attackers can use ShieldsUp! to scan any host on the Internet
Date: Tue, 5 Sep 2000 22:17:17 +0200

Attackers can use ShieldsUp! to scan any host on the Internet
--------------------------------------------------------------------------------

SUMMARY

ShieldsUp allows home users to scan their hosts and networks for known vulnerabilities and to port scan their hosts. The service relies on a client installed on the remote end (the home user's machine) to identify which IP needs to be tested. A flaw in the software allows malicious users to input any IP they desire and receive the scan results for it.

DETAILS

The security hole can be exploited very easily: all it requires is a dual NIC'ed (or modem and NIC) host with one of its interfaces assigned the IP of the box you are trying to scan. The client will ask which IP of your "LOCAL" machine you would like to scan, and voilà, you have an anonymous port scanner at your fingertips. The scan originates from Shields Up's server, so the attacker remains hidden.

ADDITIONAL INFORMATION

The information has been provided by Nicolas Gregoire <mailto:nicolas.gregoire@7THZONE.COM>.

========================================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
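
The flaw under DETAILS is a scan target taken from what the client reports instead of from the connection itself. The following is an added example, not code from the bulletin or from ShieldsUp: a server-side check that only ever scans the source address of the requesting connection and refuses a differing client-reported address. The function names, the refuse-on-mismatch policy and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress

class ScanRefused(Exception):
    """Raised when the requested target is not the requester's own address."""

def _normalize(addr):
    ip = ipaddress.ip_address(addr.strip())
    # A dual-stack listener reports IPv4 peers as ::ffff:a.b.c.d; unwrap them.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip

def authorize_scan_target(peer_addr, claimed_addr=None):
    """Return the only address the service may scan for this request.

    peer_addr    -- source address of the TCP connection, as seen by the server
    claimed_addr -- address reported by the client software (untrusted input)
    """
    peer = _normalize(peer_addr)
    if claimed_addr is not None:
        try:
            claimed = _normalize(claimed_addr)
        except ValueError:
            raise ScanRefused("client-reported address is not a valid IP")
        if claimed != peer:
            # The case from the bulletin: a local interface was given
            # someone else's IP and then offered to the client as "LOCAL".
            raise ScanRefused(f"client reported {claimed}, connection came from {peer}")
    # The target is always derived from the connection, never from the claim.
    return str(peer)

def audit(requests):
    """Apply the check to (peer, claimed) pairs and record each decision."""
    decisions = []
    for peer, claimed in requests:
        try:
            decisions.append("scan " + authorize_scan_target(peer, claimed))
        except ScanRefused as exc:
            decisions.append("refused: " + str(exc))
    return decisions

# Constructed sample requests (RFC 5737 documentation addresses).
SAMPLE = [
    ("198.51.100.7", "198.51.100.7"),         # honest client
    ("::ffff:198.51.100.7", "198.51.100.7"),  # same host via dual-stack socket
    ("198.51.100.7", "203.0.113.50"),         # claimed third-party address
]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Logging the refused requests gives the operator a record of which source addresses attempted to direct a scan at a third party.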