RE: MS03-049 Scanner?
From: Nero, Nick (Nick.Nero_at_disney.com)
Date: 11/18/03
- Previous message: tgm_at_elt.com: "RE: Hiding MS SQL databases in Enterprise Manager"
- Maybe in reply to: Mason, Samuel: "MS03-049 Scanner?"
- Next in thread: Vidar Tyldum: "Re: MS03-049 Scanner?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 18 Nov 2003 11:27:24 -0500 To: "Mason, Samuel" <smason@state.mt.us>, <focus-ms@securityfocus.com>
Samuel,
I haven't seen a single tool for this yet but I am sure there will be
one. The best approach for this is to set up a Nessus scanning box
(www.nessus.org). It is completely open source (read as: free). The
server portion only runs on a Unix OS, but it is painfully easy to set
up on something like Redhat 9. I set up one on RH9 in less than 30
minutes - literally. I recently got it on an enterprise class Solaris9
box which was much tougher (Redhat makes dependencies very easy to
straighten out - Sun doesn't). The benefit of Nessus is that new
plugins are released daily for new holes on practically every platform
or app. The day the Workstation B/O came out some security company made
a new plugin for it. Then as new ones pop up you can just get a new
plugin. There is a windows client that allows you to configure/batch a
scan from a Windows workstation and even select which plugins to use.
Get a decent workstation with a nice processor, put RedHat 9 and Nessus
on it and you will have the best free scanner available.
Nick Nero
CISSP, MCSE, MCSA, CCNA, CCA
Sr. Systems Analyst
407.566.5089 Office
Nick.Nero@Disney.com
This communication is confidential, intended only for the named
recipient(s) above and may contain trade secrets or other information
that is exempt from disclosure under applicable law. Any use,
dissemination, distribution or copying of this communication by anyone
other than the named recipient(s) is strictly prohibited. If you have
received this communication in error, please immediately notify us by
calling (407) 566-5089. Thank You
-----Original Message-----
From: Mason, Samuel [mailto:smason@state.mt.us]
Sent: Monday, November 17, 2003 2:34 PM
To: focus-ms@securityfocus.com
Subject: MS03-049 Scanner?
All,
Is there a free tool available for identifying machines vulnerable to
MS03-049 on local networks yet or are we even expecting someone to
develop one?
Thanks!
Samuel Mason
Information Technology Security Office
State of Montana
------------------------------------------------------------------------
--- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_focus-ms_031027 and use priority code SF4. ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_focus-ms_031027 and use priority code SF4. ---------------------------------------------------------------------------
- Previous message: tgm_at_elt.com: "RE: Hiding MS SQL databases in Enterprise Manager"
- Maybe in reply to: Mason, Samuel: "MS03-049 Scanner?"
- Next in thread: Vidar Tyldum: "Re: MS03-049 Scanner?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
