PaulDotCom mailing list archives
Scanning for Confiker via nmap
From: paul at pauldotcom.com (Paul Asadoorian)
Date: Mon, 30 Mar 2009 12:29:39 -0400
Not certain, but you could compare the NASL and the NSE to see. Nessus may just be easier for some if you don't have the SVN version of Nmap already installed in your environment. Cheers, Paul Albert R. Campa wrote:
interesting, so not having looked at this yet, whats the difference between that and scanning with Nessus? __________________________________ Albert R. Campa 2009/3/30 John Sawyer <jsawyer at ufl.edu <mailto:jsawyer at ufl.edu>> The Conficker check is in the latest SVN version of Nmap. It's in the smb-check-vulns.nse which now checks for Conficker, MS08-067 and a regsvc DoS. nmap --script smb-check-vulns.nse -p445 For safety's sake, you might want to also run it with --script-args=unsafe=1 to prevent possible crashes from the regsvc check. That should not turn off the conficker check. -jhs On Mar 30, 2009, at 11:10 AM, Chris Merkel wrote:According to this: http://www.theregister.co.uk/2009/03/30/conficker_signature_discovery/ A script should be released today to scan for conficker-infected machines over the wire. I looked at the NSE portal and haven't seen anything yet - would it show up there, or is there a development site or repository where this will first appear? I'd like to get a scan in before April 1st, when variant C drops. -- - Chris Merkel _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com <http://pauldotcom.com/>_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com <http://pauldotcom.com/> ------------------------------------------------------------------------ _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552
Current thread:
- Scanning for Confiker via nmap Chris Merkel (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Josh Olson (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Albert R. Campa (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Paul Asadoorian (Mar 30)
- Scanning for Confiker via nmap Dan Baxter (Mar 31)
- Scanning for Confiker via nmap Russell Butturini (Mar 31)
- Scanning for Confiker via nmap Dan Baxter (Mar 31)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap Nick Baronian (Mar 31)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)
- Scanning for Confiker via nmap xgermx (Mar 31)
- Scanning for Confiker via nmap John Sawyer (Mar 30)
- Scanning for Confiker via nmap Tim Mugherini (Mar 31)