[Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws
Schmehl, Paul L
pauls at utdallas.edu
Fri Sep 26 15:32:30 BST 2003
> -----Original Message-----
> From: Gary Flynn [mailto:flynngn at jmu.edu]
> Sent: Friday, September 26, 2003 8:06 AM
> To: 'full-disclosure at lists.netsys.com'
> Subject: Re: [Full-Disclosure] RE: Probable new MS DCOM RPC
> worm for Windo ws
> I would think a better way of determining if a patch is
> actually installed on a system is by examining the files on
> the system rather than to depend upon symptoms (scanners) or
> installation logs (registry entries).
True, but *I'm* not going to physically touch (or even virtually touch)
2000+ machines looking at file properties. Are you?
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
Full-Disclosure is hosted and sponsored by Secunia.