Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

Thank you. On Jun 23, 2017 7:27 PM, "Kurt Buff" wrote: > There are some scripts/services that can scan machines for infection: > > https://github.com/countercept/doublepulsar-detection-script <<< python > script > > https://doublepulsar.below0day.com/ <<< scan public

Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

There are some scripts/services that can scan machines for infection: https://github.com/countercept/doublepulsar-detection-script <<< python script https://doublepulsar.below0day.com/ <<< scan public addresses from a web site, which seems to use the above script Kurt On Fri, Jun 23, 2017 at

Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

More interesting info. https://threatpost.com/nsas-doublepulsar-kernel-exploit-in-use-internet-wide/125165/ On Jun 23, 2017 6:51 PM, "Richard Stovall" wrote: > What I want to know is how to find a machine already infected with double > pulsar. > > On Jun 23, 2017 4:49 PM,

Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

What I want to know is how to find a machine already infected with double pulsar. On Jun 23, 2017 4:49 PM, "Kurt Buff" wrote: > I know that EternalBlue was fixed in the March round of patches, and > my quick googling indidates that DoublePulsar was covered in MS17-010 > >

Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

I know that EternalBlue was fixed in the March round of patches, and my quick googling indidates that DoublePulsar was covered in MS17-010 Kurt On Fri, Jun 23, 2017 at 12:43 PM, Ed Ziots wrote: > U need to patch.. I believe the 0 days are fixed in last round of m$ patches >

RE: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

, 2017 3:44 PM To: ntsysadm@lists.myitforum.com Subject: RE: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED) All active links contained in this email were disabled. Please verify the identity of the sender, and confirm the authenticity of all links contained within the message prior

RE: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

U need to patch.. I believe the 0 days are fixed in last round of m$ patches On Jun 23, 2017 7:19 AM, "Kent, Larry J CTR USARMY 93 SIG BDE (US)" < larry.j.kent2@mail.mil> wrote: > CLASSIFICATION: UNCLASSIFIED > > Interesting article, but is there a fix for this? > > -Original

Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

Subject: RE: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED) CLASSIFICATION: UNCLASSIFIED Interesting article, but is there a fix for this? -Original Message- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Thursday

RE: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

] [NTSysADM] Thank you, NSA... (UNCLASSIFIED) CLASSIFICATION: UNCLASSIFIED Interesting article, but is there a fix for this? -Original Message- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Thursday, June 22, 2017 11:02 PM

Re: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

I don't know. I haven't done the research. On Fri, Jun 23, 2017 at 4:13 AM, Kent, Larry J CTR USARMY 93 SIG BDE (US) wrote: > CLASSIFICATION: UNCLASSIFIED > > Interesting article, but is there a fix for this? > > -Original Message- > From:

RE: [Non-DoD Source] [NTSysADM] Thank you, NSA... (UNCLASSIFIED)

CLASSIFICATION: UNCLASSIFIED Interesting article, but is there a fix for this? -Original Message- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Thursday, June 22, 2017 11:02 PM To: ntsysadm