RE: New Version of Retina Nimba Scanner

Patrick S. Harper Tue, 25 Sep 2001 07:16:32 -0700
I scanned on a clients network and got reports of both vulnerable and
infected.




Peace, commerce, and honest friendship with all nations -- entangling
alliances with none.
--Thomas Jefferson (1743-1826)

>From every mountainside let freedom ring.
--Samuel Francis Smith, from the anthem "America", 1831 

-----Original Message-----
From: Bill Burge [mailto:[EMAIL PROTECTED]] 
Sent: Friday, September 21, 2001 2:03 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE:New Version of Retina Nimba Scanner


I wish I could get a bulk scanner that reported "infected".  

The Retina Scanner reports "Vulnerable"...

Bill Burge
...spiffy sig block...

*********** REPLY SEPARATOR  ***********

On 9/21/2001 at 10:13 AM John Stauffacher wrote:

>All,
>
>I just ran this scanner and am picking up more false positives than 
>real infections. Not only did it pick up all my Macs (they arent even 
>running Dave or have any SMB shares), it picked up my indigo and my 
>Snap Server (tell me how a snap server gets infected by this?). I 
>realize that diagnosing these things is a shot in the dark - but, 
>telling me "open guest share" when the machine is not sharing anything 
>(or even listening on 139) is kinda a mis-nomer an a cause for panic 
>(130 "infected" out of 253 possible)...anyone else seen this kind of 
>false positive from the scanner?
>
>-John Stauffacher
>
>+-------------------------+
>! John Stauffacher        !
>! Network Administrator   !
>! Chapman University      !
>! [EMAIL PROTECTED] !
>+-------------------------+
>
>>
>Date: Thu, 20 Sep 2001 17:31:06 -0700
>From: info <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED], [EMAIL PROTECTED]
>Subject: New Version of Retina Nimba Scanner
>
>A new version of Nimda Scanner has just been posted to the eEye web 
>site that will also detect open shares on systems which is a common 
>trait of an infection.
>
>http://www.eeye.com/html/Research/Tools/nimda.html
>
>Signed,
>eEye Digital Security
>T.949.349.9062
>F.949.349.9538
>
>
>
>-----------------------------------------------------------------------
>-----
>This list is provided by the SecurityFocus ARIS analyzer service.
>For more information on this free incident handling, management 
>and tracking system please see: http://aris.securityfocus.com
>
>
>
>
>-----------------------------------------------------------------------
>-----
>This list is provided by the SecurityFocus ARIS analyzer service.
>For more information on this free incident handling, management 
>and tracking system please see: http://aris.securityfocus.com
RE: New Version of Retina Nimba Scanner

Reply via email to
