?
Solved

sasser worm question

Posted on 2004-09-10
6
Medium Priority
?
414 Views
Last Modified: 2010-04-11
I have the sasser worm on my network (b/c my users do not update their computers when instructed to)... i have about 600 PCs in one flat subnet,,, what is the easiest way to track down the PCs that have sasser?  Could i use ethereal?  and if so what specifically do i need to look for to recognize computers with the sasser worm?
0
Comment
Question by:mikeleebrla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 2000 total points
ID: 12030555
Hi mikeleebrla,
http://www.shavlik.com/

Cheers!
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12030569
Retina Sasser Worm Scanner from eEye Digital Security

Current Version: 1.0
Release Date: May 1, 2004

The Retina Sasser Worm Scanner is being made available free of charge by eEye. The tool will scan up to 256 IP addresses at once to determine if any are vulnerable to the Sasser worm which is currently propagating. If an IP address is found to be vulnerable, the Retina Sasser Worm Scanner will flag that IP address.

This tool does not require administrative privileges on the scanned machines in order to determine if the systems are vulnerable.

To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser

For pricing on Class B and Class A versions of the scanning utility please contact eEye Sales.

Read a detailed analysis of the Sasser worm here:
http://www.eeye.com/html/Research/Advisories/AD20040501.html

The vulnerability audit in the Retina Sasser Worm Scanner is one of thousands that the full-featured Retina® Network Security Scanner, PC Magazine's Editor's Choice Award winner, checks for during a network scan. To download the trial version of Retina that checks for Sasser and other critical vulnerabilities, click here:
http://www.eeye.com/html/Products/Retina/Download.html
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 12030700
Check this out:

http://www.eeye.com/html/Research/Tools/Sasser.html

To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 15

Expert Comment

by:Yan_west
ID: 12030701
Oups, Sorry Pete :)
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12030732
np Yan :)
0
 
LVL 32

Expert Comment

by:LucF
ID: 12031390
Ok... the mess is allready been created :o)

mikeleebrla, please, next time, don't cross-post your question, it causes confusion. Please get one of these closed, and ask the experts in the other question to move their comments to the one you'd like to keep.

LucF

0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question