From: Tim Winders (twinders@southplainscollege.edu)
Date: Thu Sep 11 2003 - 16:18:33 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I got the same message, but the scanner seemed to work anyway.
**********************************************
Tim Winders, MCSE, CNE, CCNA
Associate Dean of Information Technology
South Plains College
Levelland, TX 79336
Phone: 806-894-9611 x 2369
FAX: 806-894-1549
Email: TWinders@SouthPlainsCollege.edu
**********************************************
On Thu, 11 Sep 2003, John Crowley wrote:
>
> Hi Mike,
>
> I tried downloading the netreg-mod2 and compiling the rpcscan2.c:
>
> [root@netreg netreg-mod2]# gcc -o rpcscan2 rpcscan2.c
> rpcscan2.c:251: warning: type mismatch with previous implicit declaration
> rpcscan2.c:244: warning: previous implicit declaration of
> `checkVulnerable'
> rpcscan2.c:251: warning: `checkVulnerable' was previously implicitly
> declared to return `int'
>
> This sounds somewhat easily fixed by someone who knows C (I hope). Anyone
> gotten this to compile?
>
> And thanks a million for getting this new scanner out so soon. I've
> already got people with fully patched systems hitting our 'you are
> vulnerable' page because of the newest patch.
>
> John Crowley
> Smith College
>
>
> On Thu, 11 Sep 2003 Mike.Lang@uconn.edu wrote:
>
> > It took all morning but worth the wait...
> >
> >
> >
> > Hi all,
> >
> > Here are two new Linux command-line scanners that you can use to find
> > hosts
> > that are vulnerable to both MS03-026 (old) and MS03-039 (new). If you are
> > using NetReg Scanner in your network you should upgrade to this latest
> > version as soon as is resonable. These scanners should now work as well
> > as
> > the recently updated Microsoft and EEye scanners.
> >
> > rpcscan2.c - The new code you should use in your NetReg Scanner to
> > properly
> > detect hosts that are vulnerable to MS03-039. It returns results that
> > only
> > make sense to NetReg Scan (1 or 0). It should compile on most Linux
> > distros with the following command: gcc -o rpcscan2 rpcscan2.c
> >
> > http://security.uconn.edu/netregscan/rpcscan2.c
> >
> > rpcscan_range2.c - A command-line Linux scanner that accepts address
> > ranges
> > instead of just a single address. It is the fastest way we have found to
> > scan Class C size networks. It returns more human-readable results than
> > rpcscan2.c. It should compile on most Linux distros with the following
> > command: gcc -o rpcscan_range2 rpcscan_range2.c
> >
> > http://security.uconn.edu/netregscan/rpcscan_range2.c
> >
> > (We would love for someone to hack that to scan Class Bs.)
> >
> > We have also updated the jumppage.cgi that is the heart of the NetReg
> > Scanner. It references the updated scanner to return proper results. It
> > is bundled with the rpcscan2.c into a single bzipped file.
> >
> > http://security.uconn.edu/netregscan/jumppage.cgi.txt
> > http://security.uconn.edu/netregscan/netreg-mod2.tar.bz2
> >
> > If you have questions or comments about these tools please direct them to
> > security@uconn.edu. We tried to get them out as fast as possible, but we
> > also tried to test them fairly thoroughly.
> >
> > Thanks to Mike Lang and Keith Bessette of the University of Connecticut,
> > Josh Richard of the University of Minnesota-Duluth, and anyone else I may
> > have missed.
> >
> > Phil
> >
> > PS - Nessus plugin ID 11835 should detect the new vulnerability if you are
> > using that:
> >
> > http://cgi.nessus.org/plugins/dump.php3?id=11835
> >
> > =======================================
> > Philip A. Rodrigues
> > Network Analyst, UITS
> > University of Connecticut
> >
> > email: phil.rodrigues@uconn.edu
> > phone: 860.486.3743
> > fax: 860.486.6580
> > web: http://www.security.uconn.edu
> > =======================================
> >
> >
> >
> > **********************************************************************
> > To unsubscribe from this list, send an e-mail message to
> > majordomo@southwestern.edu containing a single line with the words:
> > unsubscribe netreg
> > Send requests for assistance to: owner-netreg@southwestern.edu
> > **********************************************************************
> >
>
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (OSF1)
Comment: Made with pgp4pine 1.76
iD8DBQE/YOasTPuHnIooYbwRAiMkAKCRu2GyBFoqQhY63suvkjcSYio7hACfRk/A
iN/ktNKEhxi2Knqz4QzO/qE=
=tC2N
-----END PGP SIGNATURE-----
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:41 CDT