Penetration Testing mailing list archives
Re: nessus scan - epmap (135/tcp)
From: Volker Tanger <vtlists () wyae de>
Date: Thu, 18 Dec 2008 23:07:48 +0100
On Thu, 18 Dec 2008 14:43:41 +0100 m sesser <security () sesser eu> wrote:
some nessus scans have the following result: Vulnerability found on port epmap (135/tcp)
[...]
C:KB824146Scan.exe <hostname> hostname: patched with both KB824146 (MS03-039) and KB823980 (MS03-0
[...]
which tool is right? is there a 3rd-party tool to test?
Some suggestions: - Use a third scanner. - Try some exploits (they are easy enough to find). - Look into the nessus plugin source and the bug description.
is nessus (2.2.9 ubuntu) state of the art?
You use an old Nessus, even with respect to the 2.2.x-line: "current" is 2.2.11 (for the older one) or 3.2.1 (for the newest one) - see http://www.tenablesecurity.com/download/ Do you use the Tenable professional feed? For commercial pentesting you quite probably will want to use the continuously updated patterns. Bye Volker -- Volker Tanger http://www.wyae.de/volker.tanger/ -------------------------------------------------- vtlists () wyae de PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- nessus scan - epmap (135/tcp) m sesser (Dec 18)
- Re: nessus scan - epmap (135/tcp) Chris Griffin (Dec 18)
- Re: nessus scan - epmap (135/tcp) Volker Tanger (Dec 18)
- Re: nessus scan - epmap (135/tcp) m sesser (Dec 19)
- Re: nessus scan - epmap (135/tcp) Ron (Dec 19)
- Re: nessus scan - epmap (135/tcp) security curmudgeon (Dec 19)
- <Possible follow-ups>
- nessus scan - epmap (135/tcp) christopher . riley (Dec 19)