"Mike Peterson was known to say....." > > I don't want to start any discussions about ISS > Internet Scanner but, with the prospect of renewed > activity by the Code Red worm it needs to be pointed > out that Internet Scanner may not pick up the > vulnerability. > > After using Internet Scanner 6.1 xpu 10 we did not > find the vulnerability, until we got hit by the Code > Red worm. According to ISS, Internet Scanner will > only find the vulnerability if you operate with a > username and password with administrative rights on > the target. > While not detecting the *activity* of the worm, eEye has a simple no-charge tool to let you know if your machines are at least likely to fall prey to it: http://www.eeye.com/html/Research/Tools/codered.html ~middle of the page, CodeRedScanner -aj. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 10:48:01 PDT