PaulDotCom mailing list archives
Scanning for Confiker via nmap
From: jsawyer at ufl.edu (John Sawyer)
Date: Mon, 30 Mar 2009 12:01:38 -0400
BTW, I fat-fingered the last part of the message. Enabling that flag *will* enable the check for the DoS so use it at your own risk. -jhs On Mar 30, 2009, at 11:22 AM, John Sawyer wrote:
The Conficker check is in the latest SVN version of Nmap. It's in the smb-check-vulns.nse which now checks for Conficker, MS08-067 and a regsvc DoS. nmap --script smb-check-vulns.nse -p445 For safety's sake, you might want to also run it with --script- args=unsafe=1 to prevent possible crashes from the regsvc check. That should not turn off the conficker check. -jhs On Mar 30, 2009, at 11:10 AM, Chris Merkel wrote:According to this: http://www.theregister.co.uk/2009/03/30/ conficker_signature_discovery/ A script should be released today to scan for conficker-infected machines over the wire. I looked at the NSE portal and haven't seen anything yet - would it show up there, or is there a development site or repository where this will first appear? I'd like to get a scan in before April 1st, when variant C drops. -- - Chris Merkel
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090330/453c062b/attachment.htm
Current thread:
- Scanning for Confiker via nmap Chris Merkel (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Josh Olson (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Albert R. Campa (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap Dan Baxter (Mar 31)
- Scanning for Confiker via nmap Russell Butturini (Mar 31)
- Scanning for Confiker via nmap Dan Baxter (Mar 31)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap Nick Baronian (Mar 31)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap John Sawyer (Mar 30)