IDS mailing list archives

RE: Tool to remotely detect MBlaster infected machines?

From: "Will Schmied" <dontpanic () cox net>
Date: Fri, 15 Aug 2003 10:45:24 -0400

If you are Active Directory, have a look at the scripts posted here by a
BugTRAQ user: http://www.winona.edu/its/downloads/msblast.htm

Best,
Will

----------------------------------------
Will Schmied
President, Area 51 Partners, Inc.

Who's watching your wireless network?
www.area51partners.com

----------------------------------------
Working on your MCSE or MCSA?
Visit MCSE World today and let us help.
www.mcseworld.com


-----Original Message-----
From: brad [mailto:nelson.brad () comcast net] 
Sent: Wednesday, August 13, 2003 8:43 PM
To: focus-ids () securityfocus com
Subject: Tool to remotely detect MBlaster infected machines?


Does anyone know of a tool to remotely detect mblast infected machines?
We are checking machines with increased flows on 135 and traffic on 69
udp.  Is there a better way?

Thanks,
Brad



------------------------------------------------------------------------
---
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Ensure Reliable Performance of Mission Critical Applications
Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit
us at: http://www.captusnetworks.com/ads/31.htm
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Ensure Reliable Performance of Mission Critical Applications
Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
Visit us at: http://www.captusnetworks.com/ads/31.htm
---------------------------------------------------------------------------

Current thread:

Tool to remotely detect MBlaster infected machines? brad (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? Will Schmied (Aug 15)
- <Possible follow-ups>
- RE: Tool to remotely detect MBlaster infected machines? Ostberg, Alex (Aug 15)
  - RE: Tool to remotely detect MBlaster infected machines? david maynor (Aug 15)
- Re: Tool to remotely detect MBlaster infected machines? schwing (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? bo . berlas (Aug 19)
- RE: Tool to remotely detect MBlaster infected machines? Graham, Robert (ISS Atlanta) (Aug 19)