Since a signature has been discovered that conficker worm leaves
on infected machines, you can now scan a machine and ask it ,if it is infected with the conficker worm,
beta5 version of NMAP provides this ability.
follow these quick steps to scan entire networks and give them a clean
bill of health from the conficker worm.
to download and install Nmap beta 5 do the following:
on infected machines, you can now scan a machine and ask it ,if it is infected with the conficker worm,
beta5 version of NMAP provides this ability.
follow these quick steps to scan entire networks and give them a clean
bill of health from the conficker worm.
to download and install Nmap beta 5 do the following:
wget http://download.insecure.org/nmap-dist/nmap-4.85BETA5.tar.bz2
bzip2 -cd nmap-4.85BETA5.tar.bz2 | tar xvf -
cd nmap-4.85BETA5
./configure
make
su root
make install
to Scan for conficker type the following
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [target network]
eg:
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.1.0/24
bzip2 -cd nmap-4.85BETA5.tar.bz2 | tar xvf -
cd nmap-4.85BETA5
./configure
make
su root
make install
to Scan for conficker type the following
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [target network]
eg:
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.1.0/24
the scan will take a while depending on the size of your network.
1 comment:
you need to have python-devel installed before running make install
yum install python-devel
if its not installed
Post a Comment