George Stone <[EMAIL PROTECTED]> writes:
> I need to verify that the Bugbear plugin does in fact work.
It does. Try to open the 36794 port on a test machine, and you'll get
a warning at least.
If you are paranoid and fear that you have a mutated version that
listens on any port, change the script to test "Services/unknown":
---------------------------------
port = get_kb_item("Services/unknown");
if (! port) port = 36794;
# port = 36794;
if (known_service(port: port) exit(0);
---------------------------------
Why do you want to test _this_ plugin by the way? Why not the 1000+
other ones??
> Does anyone know where I can get a copy of the Bugbear worm
Sooner or later, you'll receive one by e-mail :-]
> or find an infected host to perform a test scan against?
Well... Considering the nature of the beasty, I seriously doubt that
anybody will give you such an information. If you have the proper
tool, you get full control of the remote machine.
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
