Security Incidents mailing list archives
Looking for a better scanner for CodeRed
From: "Reeves, Michael (GEAE, Compaq)" <michael.reeves () ae ge com>
Date: Fri, 10 Aug 2001 11:24:55 -0400
I do the .ida check and it does not think it is vulnerable. I use the eEye scanner and it comes up vulnerable. Does anyone know of a nessus plugin that detects it? I am currently using the IIS IDA/IDQ Path Disclosure under CGI abuses and getting nill. Mike -----Original Message----- From: Aviram Jenik [mailto:aviram () beyondsecurity com] Sent: Friday, August 10, 2001 9:28 AM To: 'Reeves, Michael (GEAE, Compaq)'; incidents () securityfocus com Subject: RE: Looking for a better scanner for CodeRed Hi, Try nessus (www.nessus.org). It has a special code-red vulnerability check, and an .IDA mapping check (which is the main problem in the first place). Nessus comes with 700+ security tests, but you can configure it to run only certain tests, and to skip the port scan (if all your servers listen on port 80) in order to make a quick scan for code red vulnerabilities (don't know why you would want to do that, though. If you're taking the time to scan the machines, why not scan for other security holes as well?) -- Aviram Jenik Beyond Security Ltd. http://www.BeyondSecurity.com http://www.SecuriTeam.com Know that you're safe: http://www.AutomatedScanning.com
-----Original Message----- From: Reeves, Michael (GEAE, Compaq) [mailto:michael.reeves () ae ge com] Sent: Thursday, August 09, 2001 8:11 PM To: 'incidents () securityfocus com' Subject: Looking for a better scanner for CodeRed I am currently using the scanning tool from eEye to find CodeRed vulnerable machines. I have several class B networks I have to scan on a regular basis. eEye's scanner only allows range scans for class C networks. I have the ISS scanner but it is too slow for a quick scan. Any info would be greatly appreciated. I am currently scanning with other software then manually entering in all of the IIS servers intot he eEye scanner. Mike Reeves Security Administrator -------------------------------------------------------------- -------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Looking for a better scanner for CodeRed Reeves, Michael (GEAE, Compaq) (Aug 09)
- Re: Looking for a better scanner for CodeRed Security (Aug 10)
- RE: Looking for a better scanner for CodeRed Aviram Jenik (Aug 10)
- <Possible follow-ups>
- Looking for a better scanner for CodeRed Reeves, Michael (GEAE, Compaq) (Aug 10)