nanog mailing list archives
Re: Synful Knock questions...
From: Hank Nussbacher <hank () efes iucc ac il>
Date: Sat, 26 Sep 2015 22:04:02 +0300
At 11:42 25/09/2015 -0700, Jake Mertel wrote:
Looks like Cisco's Talos just released a tool to scan your network for indications of the SYNful Knock malware. Details @ http://talosintel.com/scanner/ .
More details here: http://blogs.cisco.com/security/talos/synful-scanner -Hank
-- Regards, Jake Mertel Ubiquity Hosting *Web: *https://www.ubiquityhosting.com *Phone (direct): *1-480-478-1510 *Mail:* 5350 East High Street, Suite 300, Phoenix, AZ 85054 On Wed, Sep 16, 2015 at 7:33 AM, Stephen Fulton <sf () lists esoteric ca> wrote: > Follow-up to my own post, Fireeye has code on github: > > https://github.com/fireeye/synfulknock > > > On 2015-09-16 10:27 AM, Stephen Fulton wrote: > >> Interesting, anyone have more details on how to construct the scan using >> something like nmap? >> >> -- Stephen >> >> On 2015-09-16 9:20 AM, Royce Williams wrote: >> >>> HD Moore just posted the results of a full-Internet ZMap scan. I didn't >>> realize that it was remotely detectable. >>> >>> 79 hosts total in 19 countries. >>> >>> https://zmap.io/synful/ >>> >>> Royce >>> >>>
Current thread:
- Re: Synful Knock questions..., (continued)
- Re: Synful Knock questions... Stephen Satchell (Sep 15)
- Re: Synful Knock questions... Valdis . Kletnieks (Sep 15)
- Re: Synful Knock questions... Alain Hebert (Sep 15)
- Re: Synful Knock questions... Blake Hudson (Sep 15)
- Re: Synful Knock questions... Paul Ferguson (Sep 15)
- Re: Synful Knock questions... Roland Dobbins (Sep 15)
- Re: Synful Knock questions... Royce Williams (Sep 16)
- Re: Synful Knock questions... Stephen Fulton (Sep 16)
- Re: Synful Knock questions... Stephen Fulton (Sep 16)
- Re: Synful Knock questions... Jake Mertel (Sep 25)
- Message not available
- Re: Synful Knock questions... Hank Nussbacher (Sep 26)
- Re: Synful Knock questions... Stephen Satchell (Sep 15)
- Re: Synful Knock questions... Blake Hudson (Sep 16)
- RE: Re: Synful Knock questions... Darden, Patrick (Sep 16)
- Re: Synful Knock questions... Michael Douglas (Sep 16)
- Re: Synful Knock questions... Roland Dobbins (Sep 16)