Subject: [NEWS] Attackers can use ShieldsUp! to scan any host on the Internet
Date: Tue, 5 Sep 2000 22:17:17 +0200

          Attackers can use ShieldsUp! to scan any host on the Internet
--------------------------------------------------------------------------------

SUMMARY

ShieldsUp allows home users to scan their hosts and network against known
vulnerabilities and do port scanning of their hosts. This service uses a
client that is installed on the remote end (the home user) to identify
which IP needs to be tested. A flaw in the software allows malicious users
to input any IP they desire and receive their scan results.

DETAILS

The security hole can be exploited very easily, all that it requires is
that you have a dual NIC'ed (or modem and NIC) host and you assign one of
your interfaces the IP of the box you are trying to scan.  The client will
ask which IP of your "LOCAL" machine you would like to scan, and Viola,
you have an anonymous port scanner at your fingertips.  The scan
originates from Shields Up's server and so the attacker remains hidden.

ADDITIONAL INFORMATION

The information has been provided by
<mailto:nicolas.gregoire@7THZONE.COM> Nicolas Gregoire.

========================================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.