Nmap Development mailing list archives

Re: Can nmap find Conficker/kido on XP/Vista/7 client PCs that don't use Server service?


From: Ron <ron () skullsecurity net>
Date: Thu, 6 May 2010 22:23:13 -0500

No, but --script=p2p-conficker will work (as long as it's Conficker.C). 

On Thu, 6 May 2010 10:33:51 -0500 Charles Geary
<gearycharles () rockwood k12 mo us> wrote:
Hi, nmap folks.

Looked through the docs, but didn't see the answer...

To prevent Conficker spread, we recently disabled Server service on
all our workstations. Can the following nmap command string still
(safely) find Conficker/kido in our environment?

nmap --script=smb-check-vulns --script-args=safe=1 -p445 -d <IP Range>

Thanks for your time.  :-)

--Chaz Geary,
Geggie tech support guy,
district anti-virus/Lightspeed/
backup/AE specialist,
Rockwood Schools,
St. Louis County, MO USA

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86

Attachment: _bin
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread: