Talk With an Expert

Exploiting BlackICE When a Security Product has a Security Flaw

Exploiting BlackICE When a Security Product has a Security Flaw (PDF, 3.32MB)Published: 09 Jul, 2005
Created by:
Peter Gara

This paper was written to fulfill one part of the requirements of GCIH certification and present recently published and brand new details of a remarkable vulnerability to improve the state of practice of information security. It contains a fictional story about a computer expert who gets into evil ways and tries to denigrate his ex-colleague at her new workplace. I use some fake and test screenshots and test text outputs to illustrate this story. Furthermore I used semi-masked IP addresses to avoid coincidences with real addresses. However all of the attack methods are real. This paper covers a very detailed description of the exploitation of a security flaw in the Protocol Analysis Module (PAM) of Internet Security Systems' (ISS) software products from the initial phase (reconnaissance, scanning) to the end (incident handling).