Educause Security Discussion mailing list archives
Re: use Nmap to find W32/Bagle.e@MM ?
From: Scott Weeks <sweeks () SANDIEGO EDU>
Date: Wed, 3 Mar 2004 10:49:23 -0800
On Wed, 3 Mar 2004, Brian Eckman wrote: : Scott Weeks wrote: : > Hello Everyone, : > : > Is this a suffucient method to find the W32/Bagle.e@MM infected machines? : > : > [root@localhost root]# nmap -P0 -p 2745 111.222.111.0/24 : : I'd do -PI. If the host doesn't ping, it probably won't have 2745/tcp : open. But you will very possibly miss a host or two this way. It's a : matter of personal preference. Sorry, I shouldn't have put the -P0 there for the email as I have an ICMP blocker between myself and the machines I'm monitoring and it made my question less clear... Thanks! scott ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- use Nmap to find W32/Bagle.e@MM ? Scott Weeks (Mar 03)
- <Possible follow-ups>
- Re: use Nmap to find W32/Bagle.e@MM ? Matthew Dalton (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Brian Eckman (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Scott Weeks (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Pete Hoffswell (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Scott Weeks (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Jeff Kell (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Herrera Reyna Omar (Mar 03)
- Re: use Nmap to find W32/Bagle.e@MM ? Michael_Maloney (Mar 04)
- Re: use Nmap to find W32/Bagle.e@MM ? Gary Flynn (Mar 04)
- Re: use Nmap to find W32/Bagle.e@MM ? Gary Flynn (Mar 04)
- Re: use Nmap to find W32/Bagle.e@MM ? Matthew Dalton (Mar 04)
- Re: use Nmap to find W32/Bagle.e@MM ? Michael_Maloney (Mar 04)