IDS mailing list archives
Re: Tool to remotely detect MBlaster infected machines?
From: <schwing () tenablesecurity com>
Date: 15 Aug 2003 16:24:14 -0000
In-Reply-To: <1060959531.6927.8.camel () icehouse is gatech edu> You can also use Nessus plugin Check 11818 The remote host is infected by msblast.exe If you need to scan more then one class C at a time you could use the Tenable Lightning Console and Proxy to Scan multiple class B's at the same time. Stephen Schwing Tenable Network Security www.tenablesecurity.com
It is a good tool, but has the drawback of only doing 1 class c at a time. On Fri, 2003-08-15 at 10:50, Ostberg, Alex wrote:We have had a good experience thus far with the eEye tool "RetinaRPCDCOM.exe" which is free. www.eeye.com Thanks, Alex O. Ostberg Data Security Analyst / Network Security Specialist Information Technology Security Office - Information Technology Services Division - Department of Administration - State of Montana Office: 406.444.4557 Fax: 406.444.2701 Email: aostberg () state mt us -----Original Message----- From: brad [mailto:nelson.brad () comcast net] Sent: Wednesday, August 13, 2003 6:43 PM To: focus-ids () securityfocus com Subject: Tool to remotely detect MBlaster infected machines? Does anyone know of a tool to remotely detect mblast infected
machines? We
are checking machines with increased flows on 135 and traffic on 69
udp. Is
there a better way? Thanks, Brad ------------------------------------------------------------------------
---
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ------------------------------------------------------------------------
---
--------------------------------------------------------------------------
-
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm --------------------------------------------------------------------------
-
--------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ---------------------------------------------------------------------------
Current thread:
- Tool to remotely detect MBlaster infected machines? brad (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? Will Schmied (Aug 15)
- <Possible follow-ups>
- RE: Tool to remotely detect MBlaster infected machines? Ostberg, Alex (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? david maynor (Aug 15)
- Re: Tool to remotely detect MBlaster infected machines? schwing (Aug 15)
- RE: Tool to remotely detect MBlaster infected machines? bo . berlas (Aug 19)
- RE: Tool to remotely detect MBlaster infected machines? Graham, Robert (ISS Atlanta) (Aug 19)