Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: RE: Probable new MS DCOM RPC worm for Windo ws

From: "Randal, Phil" <prandal () herefordshire gov uk>
Date: Fri, 26 Sep 2003 16:20:59 +0100
Why not?  Easy enough to check in a login script if you're using something
like Kixtart (www.kixtart.org).

Cheers,

Phil

---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK 


-----Original Message-----
From: Schmehl, Paul L [mailto:pauls () utdallas edu]
Sent: 26 September 2003 15:33
To: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] RE: Probable new MS DCOM RPC worm for
Windo ws



-----Original Message-----
From: Gary Flynn [mailto:flynngn () jmu edu] 
Sent: Friday, September 26, 2003 8:06 AM
To: 'full-disclosure () lists netsys com'
Subject: Re: [Full-disclosure] RE: Probable new MS DCOM RPC 
worm for Windo ws


I would think a better way of determining if a patch is 
actually installed on a system is by examining the files on 
the system rather than to depend upon symptoms (scanners) or 
installation logs (registry entries).


True, but *I'm* not going to physically touch (or even 
virtually touch)
2000+ machines looking at file properties.  Are you?

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: