IDS mailing list archives

RE: Tool to remotely detect MBlaster infected machines?

From: "Ostberg, Alex" <aostberg () state mt us>
Date: Fri, 15 Aug 2003 08:50:14 -0600

We have had a good experience thus far with the eEye tool
"RetinaRPCDCOM.exe" which is free.

www.eeye.com


Thanks, 
Alex O. Ostberg
Data Security Analyst / Network Security Specialist
Information Technology Security Office - Information Technology Services
Division - 
Department of Administration - State of Montana
Office:  406.444.4557
Fax:        406.444.2701
Email:     aostberg () state mt us



-----Original Message-----
From: brad [mailto:nelson.brad () comcast net]
Sent: Wednesday, August 13, 2003 6:43 PM
To: focus-ids () securityfocus com
Subject: Tool to remotely detect MBlaster infected machines?


Does anyone know of a tool to remotely detect mblast infected machines?  We
are checking machines with increased flows on 135 and traffic on 69 udp.  Is
there a better way?

Thanks,
Brad



---------------------------------------------------------------------------
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Ensure Reliable Performance of Mission Critical Applications
Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
Visit us at: http://www.captusnetworks.com/ads/31.htm
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Ensure Reliable Performance of Mission Critical Applications
Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
Visit us at: http://www.captusnetworks.com/ads/31.htm
---------------------------------------------------------------------------

Current thread:

Tool to remotely detect MBlaster infected machines? brad (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? Will Schmied (Aug 15)
- <Possible follow-ups>
- RE: Tool to remotely detect MBlaster infected machines? Ostberg, Alex (Aug 15)
  - RE: Tool to remotely detect MBlaster infected machines? david maynor (Aug 15)
- Re: Tool to remotely detect MBlaster infected machines? schwing (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? bo . berlas (Aug 19)
- RE: Tool to remotely detect MBlaster infected machines? Graham, Robert (ISS Atlanta) (Aug 19)