The Conficker check is in the latest SVN version of Nmap. It's in the
smb-check-vulns.nse which now checks for Conficker, MS08-067 and a
regsvc DoS.
nmap --script smb-check-vulns.nse -p445
For safety's sake, you might want to also run it with --script-
args=unsafe=1 to prevent possible crashes from the regsvc check. That
should not turn off the conficker check.
-jhs
On Mar 30, 2009, at 11:10 AM, Chris Merkel wrote:
According to this:
http://www.theregister.co.uk/2009/03/30/conficker_signature_discovery/
A script should be released today to scan for conficker-infected
machines over the wire.
I looked at the NSE portal and haven't seen anything yet - would it
show up there, or is there a development site or repository where this
will first appear?
I'd like to get a scan in before April 1st, when variant C drops.
--
- Chris Merkel
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
