> http://www.eeye.com/html/Research/Tools/codered.html
it will only tell us if it's the server is vulnerable, though
it's a good utility tools. but what if the box is already infected by such
worm is there a way to trace it out from the root where it was started.
thanks in advance.
Don
-----Original Message-----
From: Red Wolf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 8:38 AM
To: [EMAIL PROTECTED]
Subject: RE: Default.ida requests
>where can i source out some utility tools
>for us to check in box remotely
CodeRed Scanner from eEye Digital Security
CodeRed Scanner is a tool created by eEye that is able to scan up to
254 IP addresses at once and determine if any are vulnerable to the .ida
"Code Red" attack. If an IP address is found to be vulnerable to the
.ida vulnerability (which the "Code Red" worm exploits to infect systems),
then CodeRed Scanner will flag the IP address. Administrators can then
double-click on the IP address to be taken to a website with information
on how to fix the vulnerability. Patching the vulnerability effectively
removes the infection (the worm) and prevents further occurances of
infection.
___________________________________________________________________
To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax,
all in one place - sign up today at http://www.zdnetonebox.com
