lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <871080DEC5874D41B4E3AFC5C400611E03F60AD0@UTDEVS02.campus.ad.utdallas.edu>
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: RPC scanners

Thanks for the helpful tip.
 
 

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

	-----Original Message-----
	From: deji [mailto:deji@...molafe.com] 
	Sent: Friday, September 12, 2003 12:08 PM
	To: full-disclosure@...ts.netsys.com
	Subject: RE: [Full-Disclosure] RPC scanners
	
	
	Paul, the MS Scanner actually give yous a report of what's missing. Use the /l:Logfilename option and it will produce a nice little log file with the following entries:
	 
	Microsoft (R) KB824146 Scanner Version 1.00.0249 for 80x86
	Copyright (c) Microsoft Corporation 2003. All rights reserved.
	192.168.11.250: patched with KB824146 and KB823980
	192.168.11.246: patched with KB824146 and KB823980
	192.168.11.247: patched with KB824146 and KB823980
	<snip>
	 
	This is in addition to the /o option that only lists the IP addresses of suspect systems.
	 
	
	Sincerely,
	
	D?j? Ak?m?l?f?, MCSE MCSA MCP+I
	www.akomolafe.com
	www.iyaburo.com
	Do you now realize that Today is the Tomorrow you were worried about Yesterday?  -anon

  _____  

	From: Schmehl, Paul L
	Sent: Fri 9/12/2003 7:18 AM
	To: full-disclosure@...ts.netsys.com
	Subject: [Full-Disclosure] RPC scanners
	
	
	My $0.02.
	
	The MS scanner covers a /16 in about two hours.  It *will* report Win9x
	machines as vulnerable, but that's a price I'm willing to pay.
	Unfortunately it gives you an IP list with no indication of what is
	wrong with the box.  (Is it missing both 026 & 039?  Just 039?)  But it
	allows you to script things that can help automate remediation
	processes.
	
	The eEye scanner works very well, but it limits you to a /24, which is a
	bit of a pain.  We use it for monitoring the worst offenders (VLANS, not
	people.)
	
	The Foundstone scanner?  Well, I started scanning the /16 last night
	around 6PM.  It's at 62582 addresses right now, so I suppose it will
	finish some time today.  Not good.  I was surprised, because their SQL
	scanner is very fast.  It covers a /16 in about an hour.  Don't know
	what the problem is, but something is definitely wrong.
	
	I haven't tried any other scanners.  I'll stick with the MS and eEye
	scanners.
	
	Paul Schmehl (pauls@...allas.edu)
	Adjunct Information Security Officer
	The University of Texas at Dallas
	AVIEN Founding Member
	http://www.utdallas.edu/~pauls/ 
	
	_______________________________________________
	Full-Disclosure - We believe in it.
	Charter: http://lists.netsys.com/full-disclosure-charter.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030912/586372d5/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ