Exploiting BlackICE When a Security Product has a Security Flaw

This paper was written to fulfill one part of the requirements of GCIH certification and present recently published and brand new details of a remarkable vulnerability to improve the state of practice of information security. It contains a fictional story about a computer expert who gets into evil ways and tries to denigrate his ex-colleague at her new workplace. I use some fake and test screenshots and test text outputs to illustrate this story. Furthermore I used semi-masked IP addresses to avoid coincidences with real addresses. However all of the attack methods are real. This paper covers a very detailed description of the exploitation of a security flaw in the Protocol Analysis Module (PAM) of Internet Security Systems' (ISS) software products from the initial phase (reconnaissance, scanning) to the end (incident handling).