Nmap Development mailing list archives

Re: conficker scan

From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 31 Mar 2009 22:54:51 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 31 Mar 2009 20:18:17 +0000
Joshua Kaplan <joshuamkaplan () hotmail com> wrote:


Got the scan working. Please clarify one result. In the host script
results section, I see:

MS08-067: NOT RUN


The original command line is:

nmap -p 445 -d -PN --script smb-check-vulns --script-args safe=1
192.168.1.105 >> conficker_scan.txt

What does that mean ?


When you run the script with 'safe=1' the MS08-067 check isn't run.
Nmap did not try to determine if the machine was patched or not.  It
only tried to see if Conficker was on the box.

If you want to test for MS08-067 too drop the 'safe=1' argument.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)

iEYEARECAAYFAknSnzsACgkQqaGPzAsl94IJggCfZ1PNUaEhn0mAPJYKHwdpKnSf
38AAoKWhmPT9nqQKWrqrq21draXtm0uG
=duv1
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

conficker scan Joshua Kaplan (Mar 31)
- Re: conficker scan David Fifield (Mar 31)
- <Possible follow-ups>
- conficker scan Joshua Kaplan (Mar 31)
  - Re: conficker scan Brandon Enright (Mar 31)
  - Re: conficker scan ( MS08-067: NOT RUN question) Tom Sellers (Mar 31)
  - Re: conficker scan David Fifield (Mar 31)
    - Re: conficker scan Ron (Mar 31)