Educause Security Discussion mailing list archives
Re: Conflicker/NMAP
From: Jason Frisvold <frisvolj () LAFAYETTE EDU>
Date: Tue, 31 Mar 2009 10:40:23 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mar 31, 2009, at 10:21 AM, Consolvo, Corbett D wrote:
I realize many folks may not want to answer this, but has anyone had many positives/infections with the released nmap scan for Conflicker? So far we seem to be coming up clean and many other folks I’ve talked to or emailed with have come up clean as well. I’m just concerned about the possibility of false negatives. Of course, the problem may not be particularly wide-spread except in the eyes of some media outlets.
We ran both the nmap and python scanners here and came up empty as well. Unfortunately, I don't have access to a known-infected machine to verify either detection method.
We're also ramping up our IDS to monitor for suspicious activity, should there be any. I would be interested in any other methods others are using to detect/prevent Conficker, and others.
Thanks, Corbett Consolvo Texas State University
- --------------------------- Jason Frisvold Network Engineer frisvolj () lafayette edu - --------------------------- "What I cannot create, I do not understand" - Richard Feynman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAknSK1cACgkQO80o6DJ8UvmWjACeMumTi2OUmL/rLMRcOPOrSGQU z3QAniZQ4Y/uPLjPebGT/7qyeaVA8pCw =gNRK -----END PGP SIGNATURE-----
Current thread:
- Conflicker/NMAP Consolvo, Corbett D (Mar 31)
- <Possible follow-ups>
- Re: Conflicker/NMAP Stanclift, Michael (Mar 31)
- Re: Conflicker/NMAP Harris, Michael C. (Mar 31)
- Re: Conflicker/NMAP Greg T. Grimes (Mar 31)
- Re: Conflicker/NMAP Jason S. Cash (Mar 31)
- Re: Conflicker/NMAP David Boyer (Mar 31)
- Re: Conflicker/NMAP Ken Connelly (Mar 31)
- Re: Conflicker/NMAP Jason Testart (Mar 31)
- Re: Conflicker/NMAP Jason Frisvold (Mar 31)
- Re: Conflicker/NMAP Mike Austin (Mar 31)
- Re: Conflicker/NMAP King, Ronald A. (Mar 31)
- Re: Conflicker/NMAP John Sawyer (Mar 31)
- Re: Conflicker/NMAP Jerry Sell (Mar 31)
- Re: Conflicker/NMAP Pete Hickey (Mar 31)
- Re: Conflicker/NMAP James R. Pardonek (Mar 31)
- Re: Conflicker/NMAP Stanclift, Michael (Mar 31)
- Re: Conflicker/NMAP Dennis Meharchand (Mar 31)
- Re: Conflicker/NMAP David Harley (Mar 31)
- Re: Conflicker/NMAP Basgen, Brian (Mar 31)
(Thread continues...)