I do the .ida check and it does not think it is vulnerable. I use the eEye scanner and it comes up vulnerable. Does anyone know of a nessus plugin that detects it? I am currently using the IIS IDA/IDQ Path Disclosure under CGI abuses and getting nill. Mike -----Original Message----- From: Aviram Jenik [mailto:aviramat_private] Sent: Friday, August 10, 2001 9:28 AM To: 'Reeves, Michael (GEAE, Compaq)'; incidentsat_private Subject: RE: Looking for a better scanner for CodeRed Hi, Try nessus (www.nessus.org). It has a special code-red vulnerability check, and an .IDA mapping check (which is the main problem in the first place). Nessus comes with 700+ security tests, but you can configure it to run only certain tests, and to skip the port scan (if all your servers listen on port 80) in order to make a quick scan for code red vulnerabilities (don't know why you would want to do that, though. If you're taking the time to scan the machines, why not scan for other security holes as well?) -- Aviram Jenik Beyond Security Ltd. http://www.BeyondSecurity.com http://www.SecuriTeam.com Know that you're safe: http://www.AutomatedScanning.com > -----Original Message----- > From: Reeves, Michael (GEAE, Compaq) > [mailto:michael.reevesat_private] > Sent: Thursday, August 09, 2001 8:11 PM > To: 'incidentsat_private' > Subject: Looking for a better scanner for CodeRed > > > I am currently using the scanning tool from eEye to find > CodeRed vulnerable > machines. I have several class B networks I have to scan on a > regular basis. > eEye's scanner only allows range scans for class C networks. > I have the ISS > scanner but it is too slow for a quick scan. Any info would be greatly > appreciated. I am currently scanning with other software then manually > entering in all of the IIS servers intot he eEye scanner. > > Mike Reeves > Security Administrator > > > -------------------------------------------------------------- > -------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 12:53:54 PDT