Nmap Development mailing list archives
Re: Nmap 4.85BETA5: Now with Conficker detection!
From: Fyodor <fyodor () insecure org>
Date: Mon, 30 Mar 2009 19:30:08 -0700
On Tue, Mar 31, 2009 at 03:01:51PM +1300, Craig Humphrey wrote:
Hi Guys, Awesome for getting this out so quick! Just wanting to clarify the output from nmap when scanning for Conficker. When it says: "MS08-067: NOT RUN" Does that mean the scan/probe hasn't been run, or the patch hasn't been applied?
It means the script was not run. I think you need to remove the "--script-args safe=1" to run that one. But when I just tried that (and I also added -d) against one of my XP virtual machines, I got: Host script results: | smb-check-vulns: | MS08-067: LIKELY VULNERABLE (host stopped responding) | Conficker: ERROR: SMB: Failed to receive bytes: TIMEOUT |_ regsvc DoS: NOT RUN (add --script-args=unsafe=1 to run) So in other words, I think it crashed the service. When Ron says a certain script does not qualify as "safe", he's not kidding around :). Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap 4.85BETA5: Now with Conficker detection! Fyodor (Mar 30)
- RE: Nmap 4.85BETA5: Now with Conficker detection! Craig Humphrey (Mar 30)
- Re: Nmap 4.85BETA5: Now with Conficker detection! Fyodor (Mar 30)
- RE: Nmap 4.85BETA5: Now with Conficker detection! Craig Humphrey (Mar 30)
- Re: Nmap 4.85BETA5: Now with Conficker detection! Fyodor (Mar 30)
- Re: Nmap 4.85BETA5: Now with Conficker detection! Fyodor (Mar 30)
- Re: Nmap 4.85BETA5: Now with Conficker detection! LevelZero (Mar 31)
- Re: Nmap 4.85BETA5: Now with Conficker detection! David Fifield (Mar 31)
- RE: Nmap 4.85BETA5: Now with Conficker detection! Craig Humphrey (Mar 30)