PaulDotCom mailing list archives
Scanning for Confiker via nmap
From: rbutturini at epictn.com (Russell Butturini)
Date: Tue, 31 Mar 2009 09:31:16 -0500
I found you need to add the -vv (very verbose) flag using that command. Otherwise you don't see the script results. See below: Discovered open port 445/tcp on x.x.x.x Completed SYN Stealth Scan at 09:29, 0.00s elapsed (1 total ports) NSE: Initiating script scanning. Initiating NSE at 09:29 Completed NSE at 09:29, 0.50s elapsed Host x.x.x.x appears to be up ... good. Scanned at 2009-03-31 09:29:47 Central Daylight Time for 1s Interesting ports on x.x.x.x: PORT STATE SERVICE 445/tcp open microsoft-ds MAC Address: 00:11:25:E9:04:52 (IBM) Host script results: | smb-check-vulns: | MS08-067: FIXED | Conficker: Likely CLEAN From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Dan Baxter Sent: Tuesday, March 31, 2009 9:01 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Scanning for Confiker via nmap So forgive my lack of nmap-fu, but if I run this what am I looking for? I get back responses that list some with 445 open, some closed and a few filtered. How do I determine which may be infected. for clarification I'm running nmap -p 445 --script smb-check-vulns.nse Thanks Dan Baxter ------------------------------------------------- Quis custodiet ipsos custodes? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090331/991d395f/attachment.htm
Current thread:
- Scanning for Confiker via nmap Chris Merkel (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Josh Olson (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Albert R. Campa (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap Dan Baxter (Mar 31)
- Scanning for Confiker via nmap Russell Butturini (Mar 31)
- Scanning for Confiker via nmap Dan Baxter (Mar 31)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap Nick Baronian (Mar 31)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap xgermx (Mar 31)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap Chris Merkel (Mar 31)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)