On Sat, 7 Apr 2001 15:56:59 -0700, Tim Hason <[EMAIL PROTECTED]> wrote:

>EyeIS security tool unrevealed. Good example of Distributed
>Exploitation of common Vulnerabilities, employing a backdoor
>in what's supposedly called a "Security Paranoid Tool" Snoop on
>them like they snoop on you!

All over the site before downloading this 5MB tool <wow!> to test for the Unicode Bug are warnings like this:

    LEGAL NOTICE !!!

    For the soul purpose of monitoring eyeIS for illegal use due to its nature, we may log your IP address while using eyeIS.

    For the soul purpose of monitoring eyeIS for illegal use due to its nature, we are logging all activity inside this page by entering you are agreeing that you understand this and we have your permission to log your IP address. Anything done inside or on linked pages especially the download of the program will be monitored.

A visitor must press ACCEPT --- DECLINE to download the tool.

>Someone's in trouble :)
>
>The logs we found (at the time of writing) are located at the following
>locations:

http://www.dforce.nl/~noid/scripts/log.txt contained my IP address and Netscape User-Agent string. I didn't download the tool and I'm not running IIS. I don't feel particularly vulnerable to the Unicode Bug because they logged my site visit.

That's not to say the toolmaker or site-owner has the best laid logging scheme. But as of today at least they were warning visitors right up front that IP addresses are logged during site visits and tool uses.

Gotta read those disclaimers.

Matt
2001-04-09
