mikeleebrla
asked on
sasser worm question
I have the sasser worm on my network (b/c my users do not update their computers when instructed to)... i have about 600 PCs in one flat subnet,,, what is the easiest way to track down the PCs that have sasser? Could i use ethereal? and if so what specifically do i need to look for to recognize computers with the sasser worm?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check this out:
http://www.eeye.com/html/Research/Tools/Sasser.html
To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser
http://www.eeye.com/html/Research/Tools/Sasser.html
To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser
Oups, Sorry Pete :)
np Yan :)
Ok... the mess is allready been created :o)
mikeleebrla, please, next time, don't cross-post your question, it causes confusion. Please get one of these closed, and ask the experts in the other question to move their comments to the one you'd like to keep.
LucF
mikeleebrla, please, next time, don't cross-post your question, it causes confusion. Please get one of these closed, and ask the experts in the other question to move their comments to the one you'd like to keep.
LucF
Current Version: 1.0
Release Date: May 1, 2004
The Retina Sasser Worm Scanner is being made available free of charge by eEye. The tool will scan up to 256 IP addresses at once to determine if any are vulnerable to the Sasser worm which is currently propagating. If an IP address is found to be vulnerable, the Retina Sasser Worm Scanner will flag that IP address.
This tool does not require administrative privileges on the scanned machines in order to determine if the systems are vulnerable.
To determine if your network has any devices vulnerable to this worm, download the FREE Retina Sasser Worm Scanner here:
http://www.eeye.com/html/Research/Tools/Download.asp?file=RetinaSasser
For pricing on Class B and Class A versions of the scanning utility please contact eEye Sales.
Read a detailed analysis of the Sasser worm here:
http://www.eeye.com/html/Research/Advisories/AD20040501.html
The vulnerability audit in the Retina Sasser Worm Scanner is one of thousands that the full-featured Retina® Network Security Scanner, PC Magazine's Editor's Choice Award winner, checks for during a network scan. To download the trial version of Retina that checks for Sasser and other critical vulnerabilities, click here:
http://www.eeye.com/html/Products/Retina/Download.html