Message-ID: <41B1FD84D49E05448A4233378E6BF475163BFD@entmsgnt03.fm.frd.fmlh.edu>
From: jheidtke at fmlh.edu (Jerry Heidtke)
Subject: Scanning the PCs for RPC Vulnerability


Early versions of the tools from both ISS and eEye had problems with
false positives. These problems seem to be fixed in the most recent
versions. Foundstone and MS are probably running into the same issues
with their first releases. MS probably won't get it right until version
3.1...
 
Foundstone's RPCScan 1.01 looks like it correctly identifies Win9x
computers. Make sure you're using that version. I don't like Foundstone's
RPCScan anyway because there's no way to export the results or generate
a report. I use scanms.exe from ISS, and run it through a little perl
program I wrote that takes a list of IP ranges, scans them, and
generates a spreadsheet with the systems it found, the vulnerability
status, dns and netbios names, domain, user, and mac address. This has
been useful in tracking down and disconnecting people who don't want to
patch their systems for whatever reason.
 
Jerry

	-----Original Message-----
	From: Nadeem Rafi [mailto:nrafi@...aisy.com] 
	Sent: Wednesday, September 03, 2003 5:07 AM
	To: full-disclosure@...ts.netsys.com
	Subject: [Full-Disclosure] Scanning the PCs for RPC Vulnerability
	
	
	I have found some faults in the scanning tools available from
Foundstone and Microsoft for RPC vulnerable machines. Both of these
tools are not error free. These tools are showing the ip addresses of
even those machines which are Windows 9x, Windows98/Sec, Windows ME.
Both tools are not free from this error.
	And Foundstone's RPC Scan tool is even more error prone. If you
even applied all the patches in correct sequence even then some of my
machines are reported as "Vulnerable".
	 
	Anybody have any experience with these problems or any
suggestions please let me know.
	 
	Best Regards,
	 
	Nadeem Rafi

