Home page logo

bugtraq logo Bugtraq mailing list archives

A note on CIS and some new tools
From: mnemonix () GLOBALNET CO UK (David Litchfield (Cerberus Information Security, Ltd))
Date: Fri, 3 Dec 1999 15:20:56 -0000

Hi All,
Due to a few requests I've posted some new auditing tools on the Cerberus

This will dump NetBIOS information from your NT 4, Windows 2000 and Samba
servers. Runs on Windows NT 4 and 2000 only.

This will dump SUN RPC information from a *NIX machine (like running
rpcinfo -p host from a *nix shell prompt.) Runs on Windows 95, 98, NT and

A web scanner that scan for known security issues in your web servers be
they IIS, Apache, Netscape or whatever. Runs on Windows 95, 98, NT and 2000.

These tools are really just parts of our CIS security scanner but by
splitting some of the parts up we're able to cover more platforms from which
audits can be run and of course these tools and CIS are available from

A note on CIS
For those that are getting incorrect information about password issues - log
onto the the local machine and not the domain and then run the scanner. This
will stop this - seems like an MS API call not doing what it's supposed to
do ;-)

The website has also been changed and updated - if anyone doesn't like the
colours don't blame me - I'm colour blind ;-)

David Litchfield
Cerberus Information Security, Ltd

  By Date           By Thread  

Current thread:
  • A note on CIS and some new tools David Litchfield (Cerberus Information Security, Ltd) (Dec 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]