Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Looking for linux code of a rpc dcom Scanner

From: Florian Weimer <fw () deneb enyo de>
Date: Sat, 13 Sep 2003 13:08:59 +0200
"Carl Belanger" <carl.belanger () wave-hosting net> writes:


http://www.k-otik.com/exploits/09.11.dcom2_scanner.c.php


This scanner classifies many hosts as "wierd", which is a bit
unfortunate.  The recent NASL script seems to be better in this
regard.

I've ported the NASL script to the doscan framework:

  <http://www.enyo.de/fw/software/doscan/>

(Be sure to read the manpage, it explains how to achieve a decent
scanning rate.)

However, this doscan module reports a suspiciously high number of
patched hosts for my test network, and I'm not sure if this is a
result of the admins' care or a defect in the module. 8-/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: