RE: Tool to remotely detect MBlaster infected machines?
From: david maynor (david.maynor_at_oit.gatech.edu)
Date: 08/15/03
- Previous message: Ostberg, Alex: "RE: Tool to remotely detect MBlaster infected machines?"
- In reply to: Ostberg, Alex: "RE: Tool to remotely detect MBlaster infected machines?"
- Next in thread: schwing_at_tenablesecurity.com: "Re: Tool to remotely detect MBlaster infected machines?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Ostberg, Alex" <aostberg@state.mt.us> Date: 15 Aug 2003 11:00:01 -0400
It is a good tool, but has the drawback of only doing 1 class c at a
time.
On Fri, 2003-08-15 at 10:50, Ostberg, Alex wrote:
> We have had a good experience thus far with the eEye tool
> "RetinaRPCDCOM.exe" which is free.
>
> www.eeye.com
>
>
> Thanks,
> Alex O. Ostberg
> Data Security Analyst / Network Security Specialist
> Information Technology Security Office - Information Technology Services
> Division -
> Department of Administration - State of Montana
> Office: 406.444.4557
> Fax: 406.444.2701
> Email: aostberg@state.mt.us
>
>
>
> -----Original Message-----
> From: brad [mailto:nelson.brad@comcast.net]
> Sent: Wednesday, August 13, 2003 6:43 PM
> To: focus-ids@securityfocus.com
> Subject: Tool to remotely detect MBlaster infected machines?
>
>
> Does anyone know of a tool to remotely detect mblast infected machines? We
> are checking machines with increased flows on 135 and traffic on 69 udp. Is
> there a better way?
>
> Thanks,
> Brad
>
>
>
> ---------------------------------------------------------------------------
> Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
> - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
> - Automatically Control P2P, IM and Spam Traffic
> - Ensure Reliable Performance of Mission Critical Applications
> Precisely Define and Implement Network Security and Performance Policies
> **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
> Visit us at: http://www.captusnetworks.com/ads/31.htm
> ---------------------------------------------------------------------------
>
> ---------------------------------------------------------------------------
> Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
> - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
> - Automatically Control P2P, IM and Spam Traffic
> - Ensure Reliable Performance of Mission Critical Applications
> Precisely Define and Implement Network Security and Performance Policies
> **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
> Visit us at: http://www.captusnetworks.com/ads/31.htm
> ---------------------------------------------------------------------------
>
---------------------------------------------------------------------------
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
- Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
- Automatically Control P2P, IM and Spam Traffic
- Ensure Reliable Performance of Mission Critical Applications
Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
Visit us at: http://www.captusnetworks.com/ads/31.htm
---------------------------------------------------------------------------
- Previous message: Ostberg, Alex: "RE: Tool to remotely detect MBlaster infected machines?"
- In reply to: Ostberg, Alex: "RE: Tool to remotely detect MBlaster infected machines?"
- Next in thread: schwing_at_tenablesecurity.com: "Re: Tool to remotely detect MBlaster infected machines?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
