Re: ISS Internet Scanner Cannot be relied upon for conclusive

From: blkadderat_private
Date: Mon Feb 08 1999 - 09:55:03 PST

Next message: Patrick Oonk: "Sendmail 8.9.3"

Previous message: David LeBlanc: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Next in thread: David LeBlanc: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 8 Feb 1999, David LeBlanc wrote:

> One of the ways to check for this particular bug is to us SNMP to pull down
> the sysDescr information, and parse it to look for versions that we know
> have problems. _If_ we can get the system description, it is an easy and
> reliable way to find vulnerable machines.  However, if SNMP isn't running,
> or won't respond (even after trying to guess the community string), then
> this method won't work.

Another method to check for that particular bug is to actually attempt the
exploit. And you are not doing that because.... ???

Next message: Patrick Oonk: "Sendmail 8.9.3"
Previous message: David LeBlanc: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Next in thread: David LeBlanc: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:33:19 PDT