Nmap Development mailing list archives
Re: article about Conficker says nmap can be used to discover it
From: Fyodor <fyodor () insecure org>
Date: Mon, 30 Mar 2009 10:49:19 -0700
On Mon, Mar 30, 2009 at 12:23:53PM -0500, DePriest, Jason R. wrote:
The Register has a story here: http://www.theregister.co.uk/2009/03/30/conficker_signature_discovery/ that claims nmap has "signatures" coming soon to sniff out Conficker infected systems. I can't find anything in the nmap mailing list archives to validate this. Who's been working on it? Is it going to be an NSE script?
It is in the svn now. I'm working on a 4.85BETA5 release in the next hour or two, but for now you can find instructions on running it from SVN here: http://www.skullsecurity.org/blog/?p=209 If anyone is able to test this, please do report your results! As we've been pretty rushed since we just found out about the technique yesterday. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- article about Conficker says nmap can be used to discover it DePriest, Jason R. (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Brandon Enright (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Michael Pattrick (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Fyodor (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Corey Chandler (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Ron (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Jay Fink (Mar 30)
- Re: article about Conficker says nmap can be used to discover it venkat sanaka (Mar 30)
- Re: article about Conficker says nmap can be used to discover it Corey Chandler (Mar 30)