Nmap Development mailing list archives
Re: Any infections being discovered?
From: Ron <ron () skullsecurity net>
Date: Wed, 01 Apr 2009 09:56:21 -0500
Rathbun, Dan wrote:
We have now scanned over 100,000 IP addresses using Nmap version 4.85BETA6 rev 12822 and apparently we are totally clean. That sounds like good news, but I find myself wanting to validate the results. Has anyone used the smb-check-vulns.nse script in a production environment and discovered INFECTION yet? I don't wish an infection on anyone, of course, but I just want to know that the detection mechanism is actually working before I breathe a sigh of relief! Dan RathbunInformation Security Director CISSP, GSLC, GSEC, GLEG, GSNA and G7799 Certified
I've had a Pcap running at my network boundary for the past couple weeks. From it, I harvested a list of a couple dozen addresses that have been attacking me. I scanned that list, and ~a dozen or so came back as infected.
Ron _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Any infections being discovered? Rathbun, Dan (Apr 01)
- Re: Any infections being discovered? Ron (Apr 01)
- Re: Any infections being discovered? Jan Reister (Apr 01)
- Re: Any infections being discovered? Jan Reister (Apr 02)
- Re: Any infections being discovered? Surya Kiran (Virus) (Apr 02)
- Re: Any infections being discovered? Jan Reister (Apr 02)