RE: Command Line RPC vulnerability scanner?

From: Christopher Cramer (chris.cramer_at_duke.edu)
Date: 07/31/03

Next message: Peter Fry: "RPC DCOM exploit"

Previous message: Esler, Joel Contractor: "RE: Scans for 17300/tcp starting again"
In reply to: Schmehl, Paul L: "RE: Command Line RPC vulnerability scanner?"
Next in thread: Russell Fulton: "RE: Command Line RPC vulnerability scanner?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Schmehl, Paul L" <pauls@utdallas.edu>
Date: 31 Jul 2003 12:36:27 -0400

Paul,

The ISS scanner occasionally hangs on a machine.

We ran the scanner over our class B by first running an nmap scan to
check for machines that were up and listening on port 135. We then ran
the ISS scanner over those machines. All of this was done on a linux
machine (the ISS scanner seems to run nicely under wine).

Hope that helps some.

-c

--
Christopher E. Cramer, Ph.D.
University Information Technology Security Officer
Duke University,  Office of Information Technology
253A North Building, Box 90132, Durham, NC  27708-0291
PH: 919-660-7003  FAX: 919-660-7076  CELL: 919-210-0528
PGP Public Key: http://www.duke.edu/~cramer/cramer.pgp
On Thu, 2003-07-31 at 11:30, Schmehl, Paul L wrote:
> I have both eEye's tool and ISS's tool.  I decided to run the ISS
> commandline scanner on our entire class B last night.  That way I could
> come in this morning and have a complete report of patch compliance.  Or
> so I thought.  When I got in to my office this morning, the ISS tool had
> been running for 15 hours and had reported on a total of 99 hosts.
> 
> I don't know what's wrong with it, but something obviously is.
> 
> Paul Schmehl (pauls@utdallas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> 
> > -----Original Message-----
> > From: Michael Wright [mailto:mcwright@dbls.com] 
> > Sent: Wednesday, July 30, 2003 1:25 PM
> > To: JAMIE CRAWFORD; incidents@securityfocus.com
> > Subject: Re: Command Line RPC vulnerability scanner?
> > 
> > 
> > Yes.  ISS provides one for windows:
> 
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

application/pgp-signature attachment: This is a digitally signed message part

Next message: Peter Fry: "RPC DCOM exploit"

Previous message: Esler, Joel Contractor: "RE: Scans for 17300/tcp starting again"
In reply to: Schmehl, Paul L: "RE: Command Line RPC vulnerability scanner?"
Next in thread: Russell Fulton: "RE: Command Line RPC vulnerability scanner?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]