Vulnerability Development: Re: Malicious use of grc.com

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Malicious use of grc.com

From: Chris <chrisb () bcnstech net>
Date: Wed, 28 Nov 2001 10:59:39 +1100

On Tue, 27 Nov 2001 10:09:59 -0800, H C wrote:

Not necessarily.  There are a vast number of
misconfigured proxies
available on the 'net that would afford a malicious
outsider ample
opportunity to do their dirty work without betraying
their point of
origin.  This negates the immediacy of any audit
trail and exacerbates the
severity of Gibson's oversight.


For a port scan?  Really?


Hi,

Find just about any out of the box proxy setup and you will be able
to check things like http://host:1/ http://host:1234/ etc

I think squid is about the only one that blocks this misuse by
default? Could be wrong about that one though.. More could restrict
ports by default these days..

Regards
--
Chris, chrisb () bcnstech net on 28/11/2001

By Date By Thread

Current thread:

Re: weird Windows 2000/XP bug Lincoln Yeoh (Nov 01)
- <Possible follow-ups>
- Re: weird Windows 2000/XP bug GomoR (Nov 01)
- Re: weird Windows 2000/XP bug surya (Nov 01)