[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Looking for linux code of a rpc dcom Scanner

To: carl.belanger@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Looking for linux code of a rpc dcom Scanner
From: Florian Weimer <fw@xxxxxxxxxxxxx>
Date: Sat, 13 Sep 2003 13:08:59 +0200

"Carl Belanger" <carl.belanger@xxxxxxxxxxxxxxxx> writes:

> http://www.k-otik.com/exploits/09.11.dcom2_scanner.c.php

This scanner classifies many hosts as "wierd", which is a bit
unfortunate.  The recent NASL script seems to be better in this
regard.

I've ported the NASL script to the doscan framework:

  <http://www.enyo.de/fw/software/doscan/>

(Be sure to read the manpage, it explains how to achieve a decent
scanning rate.)

However, this doscan module reports a suspiciously high number of
patched hosts for my test network, and I'm not sure if this is a
result of the admins' care or a defect in the module. 8-/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Looking for linux code of a rpc dcom Scanner
  - From: Pellmann Paul
- Re: [Full-Disclosure] Looking for linux code of a rpc dcom Scanner
  - From: Carl Belanger

Prev by Date: Re: [Full-Disclosure] Re: Wired misquote [Symantec want's to criminalize full-disclosure]
Next by Date: [Full-Disclosure] Administrivia: Noise and Politics
Previous by thread: Re: [Full-Disclosure] Looking for linux code of a rpc dcom Scanner
Next by thread: Re: [Full-Disclosure] Looking for linux code of a rpc dcom Scanner
Index(es):
- Date
- Thread