>When I logged on this morning there was a story (date 11/27) regarding some (faxing?) software Steve Gibson wrote and how it could be used in a, uh, not so good way. I went back a couple minutes ago to read it and now it's gone. What's up with that? Or am I mistaken?
>
>Renoir
It wasn't faxing software. Gibson has a website that will probe your box and check for security holes. Sometimes his software cannot determine what the IP address of your box is. (Not that it is hard to do, Gibson just uses the wrong HTML information.) So, he developes a small app that can be downloaded and run locally. It is supposed to be used to send the 'correct' IP address for Gibson's probes, but it can be directed at any IP address, and multiple instances can be run. Also, it can be dropped off as part of a trojan horse package with pre-programmed targets and activated remotely by some cracker.
Net result: Gibson is giving away a DOS kit while peddling his services and software.
Nebraska Dept of Revenue