Nmap Development mailing list archives

Re: Problems Detecting Conficker clean or infected

From: jah <jah () zadkiel plus com>
Date: Wed, 01 Apr 2009 00:27:54 +0100

On 31/03/2009 17:05, Falkenstein, Kevin wrote:

Host script results:
|  smb-check-vulns:
|  MS08-067: NOT RUN
|  Conficker: ERROR: SMB: Failed to receive bytes: TIMEOUT
|_ regsvc DoS: NOT RUN (add --script-args=unsafe=1 to run)

Read data files from: C:\Program Files\Nmap
Nmap done: 1 IP address (1 host up) scanned in 5.58 seconds
           Raw packets sent: 2 (88B) | Rcvd: 2 (88B)

I would expect to see conficker: Likely Clean or Likely infected.

Any advice would be greatly appreciated.

Hello Kevin,

Please see this post http://seclists.org/nmap-dev/2009/q1/0901.html
which details how to increase this timeout period and allow more time
for the proper response to arrive.

Regards,

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Problems Detecting Conficker clean or infected Falkenstein, Kevin (Mar 31)
- Re: Problems Detecting Conficker clean or infected jah (Mar 31)