Full Disclosure mailing list archives
RE: Nachi Worm
From: "Discini, Sonny" <Sonny.Discini () montgomerycountymd gov>
Date: Thu, 4 Dec 2003 17:24:20 -0500
Actually, if you scan for port 707 and it is open, you can be sure that the box is infected. This is how we pinpoint Welchia/Nachia infections. Sonny Discini Network Security Engineer Department of Technology Services Enterprise Infrastructure Division Montgomery County Government -----Original Message----- From: Norman Girard [mailto:ngirard () qualys com] Sent: Thursday, December 04, 2003 3:32 PM To: David Loyd; isp-security () isp-securtiy com Cc: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Nachi Worm Dave, You can scan but only through the registry access. You need to provide the login credentials of the domain... -----Original Message----- From: David Loyd [mailto:2of2 () unimatrix01 us] Sent: Thursday, December 04, 2003 11:53 AM To: isp-security () isp-securtiy com Cc: full-disclosure () lists netsys com Subject: [Full-disclosure] Nachi Worm Does any one know if you can sacn of the nachi worm or the rpc.dcom vulnerability with nessus Thanks Dave
Current thread:
- Nachi Worm David Loyd (Dec 04)
- <Possible follow-ups>
- RE: Nachi Worm Norman Girard (Dec 04)
- RE: Nachi Worm Discini, Sonny (Dec 04)
- RE: Nachi Worm Norman Girard (Dec 04)
- Re: Nachi Worm Gabriel L. Somlo (Dec 04)
- RE: Re: Nachi Worm Schmehl, Paul L (Dec 04)