Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: dcom2_scanner v1.1

From: Raymond Dijkxhoorn <raymond () prolocation net>
Date: Thu, 18 Sep 2003 12:28:27 +0200 (CEST)
Hi!


    Lots of people gave me useful feedback on my Unix based MS DCOM DCE RPC
scanner.  I've updated it based on their suggestions.  This version has
better OS detection, recognizes 9x/me systems as immune, better support for
NT, and better detection of systems with DCOM disabled. 

   http://udel.edu/~doke/dcom2/dcom2_scanner-v1.1.tar.gz 

    Suggestions and constructive criticism are invited.


[root@master dcom2]# ./dcom2_scanner 130.161.180.59
** 130.161.180.59 does not have 2nd dcom patch -- BAD **
[root@master dcom2]# ./dcom2_scanner 130.161.180.59

This is a HPUX box, we got the same false positives with another box...

rpcscan-netreg-03 doest detect it properly, i suggest taking a peek at 
their code...

http://www.security.uconn.edu/netregscan/

Bye,
Raymond.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: