Vulnerability Development mailing list archives

Re: Malicious use of grc.com


From: Nicolas Gregoire <ngregoire () exaprobe com>
Date: Tue, 27 Nov 2001 11:48:35 +0100

26/11/2001 20:54:26, Magni () HammerofGod com wrote :

Instead, we can easily bypass the need to crack the hash by simply using
the "IP Agent" supplied by Gibson.  Over a year ago, a hacked version of IP
Agent was published that allowed one to supply an address to scan-- Gibson
discounted this as a non-issue, but reportedly fixed IP Agent to perform a
check to prevent this from happening.


I reported this information in September 2001:
http://msgs.securepoint.com/cgi-bin/get/bugtraq0009/9.html

Apparently, Steve Gibson still uses a silly method to check for IP addresses to scan ....

Quoting him:
"As you'll see, this next-generation scan cannot be "faked out" in the
same fashion since it deliberately maintains open and active
connections to the user's target browser and penetrates NAT routers
and firewalls"

:)

Nicolas Grégoire
Exaprobe (http://www.exaprobe.com)


