Link to home
Start Free TrialLog in
Avatar of mikeleebrla
mikeleebrlaFlag for United States of America

asked on

sasser worm question

I have the sasser worm on my network (b/c my users do not update their computers when instructed to)... i have about 600 PCs in one flat subnet,,, what is the easiest way to track down the PCs that have sasser?  Could i use ethereal?  and if so what specifically do i need to look for to recognize computers with the sasser worm?
ASKER CERTIFIED SOLUTION
Avatar of Pete Long
Pete Long
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Retina Sasser Worm Scanner from eEye Digital Security

Current Version: 1.0
Release Date: May 1, 2004

The Retina Sasser Worm Scanner is being made available free of charge by eEye. The tool will scan up to 256 IP addresses at once to determine if any are vulnerable to the Sasser worm which is currently propagating. If an IP address is found to be vulnerable, the Retina Sasser Worm Scanner will flag that IP address.

This tool does not require administrative privileges on the scanned machines in order to determine if the systems are vulnerable.

To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser

For pricing on Class B and Class A versions of the scanning utility please contact eEye Sales.

Read a detailed analysis of the Sasser worm here:
http://www.eeye.com/html/Research/Advisories/AD20040501.html

The vulnerability audit in the Retina Sasser Worm Scanner is one of thousands that the full-featured Retina® Network Security Scanner, PC Magazine's Editor's Choice Award winner, checks for during a network scan. To download the trial version of Retina that checks for Sasser and other critical vulnerabilities, click here:
http://www.eeye.com/html/Products/Retina/Download.html
Avatar of Yan_west
Yan_west

Check this out:

http://www.eeye.com/html/Research/Tools/Sasser.html

To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser
Oups, Sorry Pete :)
np Yan :)
Ok... the mess is allready been created :o)

mikeleebrla, please, next time, don't cross-post your question, it causes confusion. Please get one of these closed, and ask the experts in the other question to move their comments to the one you'd like to keep.

LucF