Re: Code Red and ISS Internet Scanner
From: Aj Effin Reznor (aj@reznor.com)Date: 07/31/01
- Previous message: Gary Maltzen: "Re: Mail Issue"
- In reply to: Mike Peterson: "Code Red and ISS Internet Scanner"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200107311634.f6VGYRS09057@reznor.com> Subject: Re: Code Red and ISS Internet Scanner To: incidents@securityfocus.com Date: Tue, 31 Jul 2001 09:34:26 -0700 (PDT) From: Aj Effin Reznor <aj@reznor.com>
"Mike Peterson was known to say....."
>
> I don't want to start any discussions about ISS
> Internet Scanner but, with the prospect of renewed
> activity by the Code Red worm it needs to be pointed
> out that Internet Scanner may not pick up the
> vulnerability.
>
> After using Internet Scanner 6.1 xpu 10 we did not
> find the vulnerability, until we got hit by the Code
> Red worm. According to ISS, Internet Scanner will
> only find the vulnerability if you operate with a
> username and password with administrative rights on
> the target.
>
While not detecting the *activity* of the worm, eEye has a simple no-charge tool to let you know if your
machines are at least likely to fall prey to it:
http://www.eeye.com/html/Research/Tools/codered.html
~middle of the page, CodeRedScanner
-aj.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Gary Maltzen: "Re: Mail Issue"
- In reply to: Mike Peterson: "Code Red and ISS Internet Scanner"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
