COMMAND

    net use to abuse

SYSTEMS AFFECTED

    WinNT

PROBLEM

    'The entropy Technician' posted following about good 'ol IPC$.....
    Connecting to a machine as : net use \\targetname\ipc$ "" /user:""
    provides access to the machine with a null id.

    Depending on the  security of the  target machine, you'll  be able
    to:

        - Aquire user ID lists, group lists, account names
        - Modify User information ( user mgr for domains )
        - Shut down the machine ( shutdown \\target /c "night!" )
        - Dump info about / add users ( addusers -o gotcha \\target)

SOLUTION

    Some of these are obvious as how to stop them, like not using  the
    remote shutdown service, etc.. but  this is a screaming excuse  to
    block IPC at the router  level if you don't want  people accessing
    you via the net.