Forwarded from: Marc Maiffret <marcat_private>
Cc: Jonas M Luster <jlusterat_private>

thanks for your email. the first version was released quickly so people
could have something to start with. the current version of the tool does
perform an attack to determine if it's vulnerable. we're always improving
over time but things start somewhere.

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

| -----Original Message-----
| From: Jonas M Luster [mailto:jlusterat_private]
| Sent: Monday, June 24, 2002 1:48 PM
| To: InfoSec News
| Cc: marcat_private
| Subject: Re: [ISN] Free tool: apache chunked vulnerability scanner
|
|
| Quoting InfoSec News (isnat_private):
|
| > Forwarded from: "Marc Maiffret" <marcat_private>
| > Cc: "Greg Broiles" <gbroilesat_private>
| >
| > yes the tool is non intrusive. thanks for pointing that out. we'll
| > update the site.
|
| That's another way to put it. But why call it a 'vulnerability
| scanner' in the first place if it's only a version checker? Apache
| Users with ServerTokens set to Prod or OS won't be reported
| vulnerable, while my servers, running an originally vulnerable but
| patched Apache are reported to be.
|
| This kind of advertising is pretty deceptive. In fact there's only one
| way to scan for that vulnerability - and that's by exploiting it.
| Every twelve-year-old with a broomstick and libwhisker can write a
| version checker in minutes, if not less, so why not call it what it is
| - a sophisticated way to verify Apache signatures?
|
| But, non-intrusive sounds cool, I give you that.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
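
The objection in the quoted message, as an added example that is not part of the thread or of eEye's tool: a checker that reads only the Server header misses an unpatched host running ServerTokens Prod and flags a patched host whose banner is unchanged. The version cutoff and the sample hosts below are constructed assumptions; the thread gives no version numbers.

```python
import re

# Assumption for illustration only: the thread names no versions, so this
# cutoff stands in for "first 1.3.x release that carries the fix".
ASSUMED_FIXED_IN = (1, 3, 26)

# Constructed sample hosts: (Server header as sent, is the host really vulnerable?)
SAMPLES = [
    ("Apache/1.3.24 (Unix)", True),   # unpatched, banner discloses version
    ("Apache", True),                 # unpatched, ServerTokens Prod hides version
    ("Apache/1.3.24 (Unix)", False),  # patch applied in place, banner unchanged
    ("Apache/1.3.26 (Unix)", False),  # upgraded to the assumed fixed release
]

def banner_verdict(server_header):
    """Classify a host from its Server header alone, as a version checker does."""
    m = re.match(r"Apache/(\d+)\.(\d+)\.(\d+)", server_header)
    if not m:
        return "unknown"  # no version disclosed, nothing to compare
    version = tuple(int(part) for part in m.groups())
    if version[:2] != ASSUMED_FIXED_IN[:2]:
        return "unknown"  # the single cutoff above only covers the 1.3 branch
    return "vulnerable" if version < ASSUMED_FIXED_IN else "not vulnerable"

def evaluate(samples):
    """Tally banner verdicts against ground truth for each sample host."""
    tally = {"correct": 0, "false_positive": 0, "false_negative": 0}
    for header, truly_vulnerable in samples:
        # "unknown" is not a report of vulnerability, so it counts as a miss
        # whenever the host is in fact vulnerable.
        reported = banner_verdict(header) == "vulnerable"
        if reported == truly_vulnerable:
            tally["correct"] += 1
        elif reported:
            tally["false_positive"] += 1
        else:
            tally["false_negative"] += 1
    return tally

if __name__ == "__main__":
    for header, truth in SAMPLES:
        print(f"{header!r:26} verdict={banner_verdict(header):15} really_vulnerable={truth}")
    print(evaluate(SAMPLES))
```
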
This archive was generated by hypermail 2b30 : Tue Jun 25 2002 - 09:04:30 PDT