Paul, The ISS scanner occasionally hangs on a machine. We ran the scanner over our class B by first running an nmap scan to check for machines that were up and listening on port 135. We then ran the ISS scanner over those machines. All of this was done on a linux machine (the ISS scanner seems to run nicely under wine). Hope that helps some. -c -- Christopher E. Cramer, Ph.D. University Information Technology Security Officer Duke University, Office of Information Technology 253A North Building, Box 90132, Durham, NC 27708-0291 PH: 919-660-7003 FAX: 919-660-7076 CELL: 919-210-0528 PGP Public Key: http://www.duke.edu/~cramer/cramer.pgp On Thu, 2003-07-31 at 11:30, Schmehl, Paul L wrote: > I have both eEye's tool and ISS's tool. I decided to run the ISS > commandline scanner on our entire class B last night. That way I could > come in this morning and have a complete report of patch compliance. Or > so I thought. When I got in to my office this morning, the ISS tool had > been running for 15 hours and had reported on a total of 99 hosts. > > I don't know what's wrong with it, but something obviously is. > > Paul Schmehl (paulsat_private) > Adjunct Information Security Officer > The University of Texas at Dallas > AVIEN Founding Member > http://www.utdallas.edu/~pauls/ > > > -----Original Message----- > > From: Michael Wright [mailto:mcwrightat_private] > > Sent: Wednesday, July 30, 2003 1:25 PM > > To: JAMIE CRAWFORD; incidentsat_private > > Subject: Re: Command Line RPC vulnerability scanner? > > > > > > Yes. ISS provides one for windows: > > --------------------------------------------------------------------------- > ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Jul 31 2003 - 13:32:40 PDT