As an NMap noob can you hook me up with the syntax. I have it all installed correctly but am running out of time to get this fired off. :)
________________________________________ From: Matt Plahtinsky [mplahtin...@gmail.com] Sent: Monday, March 30, 2009 6:33 PM To: NT System Admin Issues Subject: Re: Conflicker detector I just moded nmap as per the link and ran it on my network. Works well. On 3/30/09, Angus Scott-Fleming <angu...@geoapps.com> wrote: > On Mon, Mar 30, 2009 at 5:36 AM, Glen Johnson <gjohn...@vhcc.edu> wrote: > >> We need to set up something that will detect this virus and possibly any >> future virus outbreaks. > > Seen online this morning, maybe this will help: > > ------------------------------------------------------------- > The Honeynet Project has discovered an anomaly in Conficker that makes > it possible to detect infected hosts with an elaborate fingerprint > scan over the network. This is great news if you suspect an infection > and have no other means to check, or if you simply want to > double-check information that your other defense mechanisms (IDS, > AntiVirus, etc) provide. > > The write-up and scanning tool are available on the Honeynet Website. > Nessus Plug-In 36036: www.nessus.org > Instructions on how to scan for Conficker with NMAP: > http://www.skullsecurity.org/blog/?p=209 > > Be careful when searching for any of these tools with a search engine. > A good part of the search results returned on the keyword "Conficker" > are scare-ware and fake anti-virus that try to cash in on the > Conficker scare. We have a summary of removal tools with links > available on isc.sans.org/conficker > ---------------------------------------------------------- > More here with links: > http://isc.sans.org/diary.html?storyid=6097&rss > > > -- > Angus Scott-Fleming > GeoApps, Tucson, Arizona > 1-520-895-3270 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > -- Sent from my mobile device ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
