[unisog] MS04-007 scanner

Christopher E. Cramer chris.cramer at duke.edu
Wed Feb 18 17:10:12 GMT 2004


it is worth noting that the scanner operates by checking on port 445. 
if there is a server that isn't patched and has 445 closed or filtered,
you'll get an error on the connection.  this does not mean that the
system is not vulnerable - it may still be vulnerable over another port.

beyond that, we've had good experiences with the scanner.

for the apple systems, these aren't perchance OS X machines with virtual
PC running and unpatched?  just a thought.

-c

On Wed, 2004-02-18 at 11:53, Keith Schoenefeld wrote:
> Agreed, it works well on my networks as well.  Apparently we are getting 
> some false positives on Apple systems, but otherwise it's been extremely 
> useful.  Thanks again.
> 
> -- KS
> 
> Paul Dokas wrote:
> 
> > On Mon, 16 Feb 2004 14:03:29 -0500 (EST) Chris Russel <russel at yorku.ca> wrote:
> > 
> >>I am still awaiting info regarding it's accuracy but so far it looks good.
> >>Please let me know any comments.
> > 
> > 
> > Thanks for the scanner, it seem to work great!  I was able to scan 3 /16 networks
> > in about 15 minutes with this tool.  So far, it appears to have had a nearly 100%
> > accuracy.
> > 
> > There's just one small diff that I had to make to get it work out of the box on my
> > FreeBSD machine:
> > 
> > 
> > *** 007scan.c   Wed Feb 18 10:17:54 2004
> > --- 007scan.c.orig      Wed Feb 18 10:17:38 2004
> > ***************
> > *** 297,304 ****
> >     ctimeout.tv_sec = 0;
> >     ctimeout.tv_usec = 600000;
> >     // receive timeout
> > !   rtimeout.tv_sec = 1;
> > !   rtimeout.tv_usec = 800000;
> >   
> >     name = argv[0];
> >   
> > --- 297,304 ----
> >     ctimeout.tv_sec = 0;
> >     ctimeout.tv_usec = 600000;
> >     // receive timeout
> > !   rtimeout.tv_sec = 0;
> > !   rtimeout.tv_usec = 1800000;
> >   
> >     name = argv[0];
> > 
> > 
> > 
> > Paul



More information about the unisog mailing list