Vulnerability Development mailing list archives

Re: icq accounts

From: sarnold () WILLAMETTE EDU (Seth R Arnold)
Date: Mon, 22 Nov 1999 18:21:52 -0800


(Sven, you might wish to :set textwidth=74 or so...)

On Mon, Nov 22, 1999 at 08:38:23PM +0000, Sven E. van 't Veer wrote:

I use LICQ on my linuxbox and it lets me add any user I want without
asking for authorization, sure it gives me the option to ask for
authorization if I really want to, but it's not needed.

I can also send messages spoofing the UIN. I can Query the OS of the user
do a a finger, lookup hostname.

I don't use these options much, anyway it does hardly as good a job as
nmap, so I guess you don't have to be a hacker to do these things.


licq actually fires off nmap and queso and finger to find out all this
information -- it just makes it available in a convenient menu system.

--
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into
your ~/.signature to help me spread!

Current thread:

icq accounts Ömer Özta (Nov 20)
- <Possible follow-ups>
- Re: icq accounts Zimmerman, Eric - CIS (Nov 22)
  - Re: icq accounts Sven E. van 't Veer (Nov 22)
    - Re: icq accounts Seth R Arnold (Nov 22)
    - Re: icq accounts Arturo Busleiman (Nov 22)
    - lanma256.bmp/lanmannt.bmp security risk? Mike Blomgren (Nov 24)
    - Re: lanma256.bmp/lanmannt.bmp security risk? Marc Esipovich (Nov 24)
    - SSH exploit Gerardo Richarte (Nov 24)