RE: Detecting Blaster
From: Bryan Schlegel (bschlegel_at_childrenfirst.com)
Date: 08/14/03
- Previous message: James Riden: "Re: Detecting Blaster"
- Maybe in reply to: Bob Sadler: "Detecting Blaster"
- Next in thread: Brian DeLine: "Re: Detecting Blaster"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 14 Aug 2003 16:13:58 -0400 To: "Bob Sadler" <bobs@LEAWOOD.ORG>, <focus-ms@securityfocus.com>
Geoff Shively sent this to the list yesterday, it is perfect for what
you are looking for
DCOM ISS Scanner:
http://www.iss.net/support/product_utilities/ms03-026rpc.php
-----Original Message-----
From: Bob Sadler [mailto:bobs@LEAWOOD.ORG]
Sent: Thursday, August 14, 2003 1:14 PM
To: focus-ms@securityfocus.com
Subject: Detecting Blaster
I have been trying to figure out if there is a way that I can detect
signs of Blaster on a large number of machines on a network without
having to actually visit each one.
I have a port scanner (Ethereal) and have it setup to look at any frame
with destination port 135. Is there a better way to do this, or is the
way I'm trying to do this all wrong in the first place?
Bob Sadler
City of Leawood, KS, USA
WAN/Internet Specialist
913-339-6700 x194
Get a Life! Get TWO! Play Second Life!
http://secondlife.com/ss/?u=b4ebbfdd6af98a027fa7e89a86c55a68
------------------------------------------------------------------------
--- Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products. Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products. Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms ---------------------------------------------------------------------------
- Previous message: James Riden: "Re: Detecting Blaster"
- Maybe in reply to: Bob Sadler: "Detecting Blaster"
- Next in thread: Brian DeLine: "Re: Detecting Blaster"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
