PaulDotCom mailing list archives
Poor Man's Conficker Checker
From: trklisted at networksamurai.org (mOses)
Date: Wed, 1 Apr 2009 14:21:35 -0400
The eEye scanner is pretty good and you can't beat the price, the NMAP one is also very good so you can actually use both for validation. The only point I would like to mention about it is that existing Retina customer should NOT install that executable and instead must update their retina scanners to the latest build to leverage the conficker checking algorithm. One more thing to note is that the NMAP NSE scripts and most of these other scripts are somewhat 'beta' so please exercise caution as it is unknown weather services could fail as with any scan of this type. Moses Hernandez Fingerprint: 8A3A 9B36 0509 2B50 C2C9 A960 1A19 B165 A167 F4D7 moses at networksamurai.org http://www.twitter.com/mosesrenegade Mentor SANS560: Penetration Testing and Ethical Hacking. Miami in starting in April. http://www.sans.org/mentor/details.php?nid=17383 On Apr 1, 2009, at 2:08 PM, Tim Krabec wrote:
Jokes based on his checker http://www.kracomp.com/cfeyechart.html http://www.kracomp.com/confickereyechart.html and serious free scanner from eeye http://www.eeye.com/html/downloads/other/ConfickerScanner.html also nmap has a scanner(free) 2009/4/1 John Sawyer <jsawyer at ufl.edu> Or, maybe I should say, "Simple Man's Conficker Checker" since it is good for family and friends who might hurt themselves trying to run a checking tool. And it is a really simple idea, yet brilliant. By leveraging Conficker's blocking of certain domains, you can do some simple detection of whether or not the machine you're sitting at is infected. http://www.joestewart.org/cfeyechart.html Kudos to Joe Stewart!! -jhs _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com -- Tim Krabec Kracomp 772-597-2349 smbminute.com kracomp.blogspot.com www.kracomp.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090401/8a8fd937/attachment.htm
Current thread:
- Poor Man's Conficker Checker John Sawyer (Apr 01)
- Poor Man's Conficker Checker Robin Wood (Apr 01)
- Poor Man's Conficker Checker Tim Krabec (Apr 01)
- Poor Man's Conficker Checker mOses (Apr 01)