Security Incidents mailing list archives
Re: slaper trafic
From: "Jeff" <spam-fighter () bigfoot com>
Date: Tue, 17 Sep 2002 02:30:12 -0400
"james" <jamesh () cybermesa com> wrote on Monday, September 16, 2002 at 5:49 PM:
... We do block port 80, incoming, while allowing established connections since the Code Red days. However, clients who run web servers were unprotected and some got infected. Is there yet a scanner to ID infected/vulnerable hosts
? According to http://www.eeye.com/html/Research/Tools/codered.html , the "CodeRed Scanner from eEye Digital Security" (available free at http://www.eeye.com/html/Research/Tools/RetinaCodeRed.exe) will do this job for you. A previous version of it (ostensibly with a higher version number) worked for me. It can scan a maximum of 254 IP Addresses at a time (typical /24 Class C). To scan more at a time, eEye's sales department wants to call the potential customer. Best Regards, Jeff. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: slaper trafic james (Sep 16)
- Re: slaper trafic Jose Nazario (Sep 17)
- Re: slaper trafic Denis Dimick (Sep 17)
- Re: slaper trafic Jeff (Sep 17)
- Re: slaper trafic Michael Katz (Sep 18)