From: Robert Lowe (Robert.H.Lowe@lawrence.edu)
Date: Thu Sep 11 2003 - 16:29:51 CDT
Add:
void checkVulnerable( u_long );
...before the line:
int main(int argc, char **argv)
-Robert
John Crowley wrote:
> Hi Mike,
>
> I tried downloading the netreg-mod2 and compiling the rpcscan2.c:
>
> [root@netreg netreg-mod2]# gcc -o rpcscan2 rpcscan2.c
> rpcscan2.c:251: warning: type mismatch with previous implicit declaration
> rpcscan2.c:244: warning: previous implicit declaration of
> `checkVulnerable'
> rpcscan2.c:251: warning: `checkVulnerable' was previously implicitly
> declared to return `int'
>
> This sounds somewhat easily fixed by someone who knows C (I hope). Anyone
> gotten this to compile?
>
> And thanks a million for getting this new scanner out so soon. I've
> already got people with fully patched systems hitting our 'you are
> vulnerable' page because of the newest patch.
>
> John Crowley
> Smith College
>
>
> On Thu, 11 Sep 2003 Mike.Lang@uconn.edu wrote:
>
>
>>It took all morning but worth the wait...
>>
>>
>>
>>Hi all,
>>
>>Here are two new Linux command-line scanners that you can use to find
>>hosts
>>that are vulnerable to both MS03-026 (old) and MS03-039 (new). If you are
>>using NetReg Scanner in your network you should upgrade to this latest
>>version as soon as is resonable. These scanners should now work as well
>>as
>>the recently updated Microsoft and EEye scanners.
>>
>>rpcscan2.c - The new code you should use in your NetReg Scanner to
>>properly
>>detect hosts that are vulnerable to MS03-039. It returns results that
>>only
>>make sense to NetReg Scan (1 or 0). It should compile on most Linux
>>distros with the following command: gcc -o rpcscan2 rpcscan2.c
>>
>>http://security.uconn.edu/netregscan/rpcscan2.c
>>
>>rpcscan_range2.c - A command-line Linux scanner that accepts address
>>ranges
>>instead of just a single address. It is the fastest way we have found to
>>scan Class C size networks. It returns more human-readable results than
>>rpcscan2.c. It should compile on most Linux distros with the following
>>command: gcc -o rpcscan_range2 rpcscan_range2.c
>>
>>http://security.uconn.edu/netregscan/rpcscan_range2.c
>>
>>(We would love for someone to hack that to scan Class Bs.)
>>
>>We have also updated the jumppage.cgi that is the heart of the NetReg
>>Scanner. It references the updated scanner to return proper results. It
>>is bundled with the rpcscan2.c into a single bzipped file.
>>
>>http://security.uconn.edu/netregscan/jumppage.cgi.txt
>>http://security.uconn.edu/netregscan/netreg-mod2.tar.bz2
>>
>>If you have questions or comments about these tools please direct them to
>>security@uconn.edu. We tried to get them out as fast as possible, but we
>>also tried to test them fairly thoroughly.
>>
>>Thanks to Mike Lang and Keith Bessette of the University of Connecticut,
>>Josh Richard of the University of Minnesota-Duluth, and anyone else I may
>>have missed.
>>
>>Phil
>>
>>PS - Nessus plugin ID 11835 should detect the new vulnerability if you are
>>using that:
>>
>>http://cgi.nessus.org/plugins/dump.php3?id=11835
>>
>>=======================================
>>Philip A. Rodrigues
>>Network Analyst, UITS
>>University of Connecticut
>>
>>email: phil.rodrigues@uconn.edu
>>phone: 860.486.3743
>>fax: 860.486.6580
>>web: http://www.security.uconn.edu
>> =======================================
>>
>>
>>
>>**********************************************************************
>>To unsubscribe from this list, send an e-mail message to
>>majordomo@southwestern.edu containing a single line with the words:
>>unsubscribe netreg
>>Send requests for assistance to: owner-netreg@southwestern.edu
>>**********************************************************************
>>
>
>
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
--
_/ _/ _/ Robert Lowe, Network Manager
_/ _/ _/ Computer Services
_/ _/ _/ Lawrence University / Appleton, WI 54912 / USA
_/ _/ _/ Voice: 920/832-6572 Fax: 920/832-7374
_/_/_/_/ _/_/_/_/ e-mail: Robert.H.Lowe@lawrence.edu
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:41 CDT