|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jeff (spam-fighter_at_bigfoot.com)
Date: Tue Sep 17 2002 - 01:30:12 CDT
"james" <jamesh
cybermesa.com> wrote on Monday, September 16, 2002 at 5:49
PM:
> ... We do
> block port 80, incoming, while allowing established connections since the
> Code Red days. However, clients who run web servers were unprotected and
> some got infected. Is there yet a scanner to ID infected/vulnerable hosts
?
According to http://www.eeye.com/html/Research/Tools/codered.html , the
"CodeRed Scanner from eEye Digital Security" (available free at
http://www.eeye.com/html/Research/Tools/RetinaCodeRed.exe) will do this job
for you. A previous version of it (ostensibly with a higher version number)
worked for me. It can scan a maximum of 254 IP Addresses at a time (typical
/24 Class C). To scan more at a time, eEye's sales department wants to call
the potential customer.
Best Regards, Jeff.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]