Re: The Confiker Virus.

[Jason Biel <jason () biel-tech com>]

Anyone try the new nmap beta that includes the ability to detect it?
nmap-4.85BETA5 ?

I am looking for output from a scan on a known infected machine vs what I
believe is a clean machine I have.

Thanks,

On Tue, Mar 31, 2009 at 7:48 AM, Eric Tykwinski <eric-list () truenet com>wrote:

> Joe,
>
> Here's the link for the Python Crypto toolkit:
> http://www.amk.ca/python/code/crypto.html
>
> I scanned our internal network and didn't find anything, so I can't really
> vouch for it's reliablity though.
>
> -----Original Message-----
> From: David Tebbutt [mailto:David () sunshadeseyewear com au]
> Sent: Tuesday, March 31, 2009 2:10 AM
> To: Paul Ferguson; JoeSox
> Cc: nanog () nanog org
> Subject: Re: The Confiker Virus.
>
> you need to add python-crypto with whatever package manager your OS uses,
> yast line in suse:
>
> |python-crypto                   |2.0.1          |2.0.1
> |Collection of cryptographic algorithms and protocols, implemented for use
> from Python
>
> d
>
> > > > JoeSox <joesox () gmail com> 31/03/09 8:46 am >>>
> Has anyone tried the Python scs Network Scanner script?
> http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
>
> I have installed Impacket-0.9.6.0 library but it throws the following
> warning
> "WARNING: Crypto package not found. Some features will fail."
>
> Does anyone know if this effects the reliability of the scs script? I have
> it scanning but I don't like that warning.
>
> What other library is Impacket looking for to correct that warning?
>
> --
> Thanks, Joe
>
>
> On Mon, Mar 30, 2009 at 10:27 AM, Paul Ferguson <fergdawgster () gmail com>
> wrote:


-- 
Jason Biel