informa
/
1 min read
article

Security Firm Offers Free Win2K Vulnerability Sniffer

The vendor that discovered the most dangerous bug disclosed by Microsoft on Tuesday has offered enterprises a free tool for sniffing out the problem.
eEye Digital Security has offered enterprises a free tool for sniffing out PCs vulnerable to the most dangerous bug disclosed by Microsoft on Tuesday.

The MSDTC Scanner, which can be downloaded from the eEye Digital Security site, scans networked systems for any that are vulnerable to the MSDTC bug, one of the 14 unveiled by Microsoft in its monthly patch release.

Most security experts have named the MSDTC vulnerability as the most dangerous of the 14, and the one most likely to be exploited by a worm or Trojan. Marc Maiffret, the chief hacking officer at eEye, which was credited with the MSDTC vulnerability discovery, said Tuesday that the flaw might lead to a repeat of the Zotob attack of August, when Windows 2000 systems worldwide were hit by a fast-spreading bot worm.

The scanner is based on eEye's Retina Network Security Scanner, and sniffs for the ports that the MSDTC service "listens" on: TCP port 3372 and a dynamically-assigned TCP port.

Two versions of the scanner are available; one that scans up to 16 IP addresses simultaneously, another that scans as many as 256 addresses at once.