Full Disclosure mailing list archives
RE: RE: Probable new MS DCOM RPC worm for Windows
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Thu, 25 Sep 2003 11:37:29 -0500
-----Original Message----- From: Cael Abal [mailto:lists () onryou com] Sent: Thursday, September 25, 2003 9:57 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] RE: Probable new MS DCOM RPC worm for Windows Did you use a third-party tool to verify the patches were actually successfully installed on the infected machines, before detecting the infection?
No, I used four. Microsoft's commandline scanner, eEye's free Retina tool, ISS's scanner and GFI's Languard scanner. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Probable new MS DCOM RPC worm for Windows, (continued)
- RE: Probable new MS DCOM RPC worm for Windows Schmehl, Paul L (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Cael Abal (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Gregory A. Gilliss (Sep 25)
- RE: Probable new MS DCOM RPC worm for Windows Derek Vadala (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Exibar (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Cael Abal (Sep 25)
- RE: RE: Probable new MS DCOM RPC worm for Windows Robert Ahnemann (Sep 25)
- RE: Probable new MS DCOM RPC worm for Windows Williams Jon (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Paul Farrow (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Jordan Wiens (Sep 25)
- SV: RE: Probable new MS DCOM RPC worm for Windows Peter Kruse (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows Paul Farrow (Sep 25)
- RE: RE: Probable new MS DCOM RPC worm for Windows Schmehl, Paul L (Sep 25)
- RE: Probable new MS DCOM RPC worm for Windows Brian (Sep 25)
- Port 6881 scans - why? Paul Johnson (Sep 25)
- Re: Port 6881 scans - why? Blue Boar (Sep 25)
- Port 6881 scans - why? Paul Johnson (Sep 25)
- RE: Probable new MS DCOM RPC worm for Windows Carey, Steve T GARRISON (Sep 25)
- Re: RE: Probable new MS DCOM RPC worm for Windows lists (Sep 27)
- Re: RE: Probable new MS DCOM RPC worm for Windows Paul Schmehl (Sep 27)
- Re: RE: Probable new MS DCOM RPC worm for Windows Karl DeBisschop (Sep 27)
- Re: RE: Probable new MS DCOM RPC worm for Windows Paul Schmehl (Sep 27)
- Re: RE: Probable new MS DCOM RPC worm for Windows Karl DeBisschop (Sep 27)
- RE: Probable new MS DCOM RPC worm for Windows Schmehl, Paul L (Sep 25)