RE: Command Line RPC vulnerability scanner?

From: Brad Bemis (Brad.Bemis_at_airborne.com)
Date: 07/31/03

Next message: Esler, Joel Contractor: "RE: Scans for 17300/tcp starting again"

Previous message: DeGennaro, Gregory: "RE: Scans for 17300/tcp starting again"
Maybe in reply to: JAMIE CRAWFORD: "Command Line RPC vulnerability scanner?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 31 Jul 2003 09:23:29 -0700
To: "Schmehl, Paul L" <pauls@utdallas.edu>, incidents@securityfocus.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am writing a perl script to execute against my entire class B 1 system at
a time, then adding the output to a coma delimited file that I can import
into excel. I'll post it here once I finish it up. Yes, the text is
annoying for each instance run against each IP on the network, but by
executing the code once for each individual system, you can avoid hangups
like this and can also exercise better control over how the output data is
presented.

Thank you for your time and attention,

========================
Brad Bemis
Information Security Services
Airborne Express
(206) 830-3478
========================
Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error; do not print, copy, retransmit, disseminate, or
otherwise use the information contained herein for any purpose. Please
alert the sender that you have received this message in error, and delete
the copy that you received.

> -----Original Message-----
> From: Schmehl, Paul L [mailto:pauls@utdallas.edu]
> Sent: Thursday, July 31, 2003 8:31 AM
> To: incidents@securityfocus.com
> Subject: RE: Command Line RPC vulnerability scanner?
>
>
> I have both eEye's tool and ISS's tool. I decided to run the ISS
> commandline scanner on our entire class B last night. That
> way I could
> come in this morning and have a complete report of patch
> compliance. Or
> so I thought. When I got in to my office this morning, the
> ISS tool had
> been running for 15 hours and had reported on a total of 99 hosts.
>
> I don't know what's wrong with it, but something obviously is.
>
> Paul Schmehl (pauls@utdallas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
>
> > -----Original Message-----
> > From: Michael Wright [mailto:mcwright@dbls.com]
> > Sent: Wednesday, July 30, 2003 1:25 PM
> > To: JAMIE CRAWFORD; incidents@securityfocus.com
> > Subject: Re: Command Line RPC vulnerability scanner?
> >
> >
> > Yes. ISS provides one for windows:
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> --------------
>
>
>

-----BEGIN PGP SIGNATURE-----

iQA+AwUBPylCgZDnOfS48mrdEQIyMwCfQ/90+PGYUW9ppFUwKDWXq2HoGB0AmI6w
cZLXqIXyl2e2SFphSXpeM/I=
=Kc1R
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Esler, Joel Contractor: "RE: Scans for 17300/tcp starting again"

Previous message: DeGennaro, Gregory: "RE: Scans for 17300/tcp starting again"
Maybe in reply to: JAMIE CRAWFORD: "Command Line RPC vulnerability scanner?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]