BTW, I fat-fingered the last part of the message. Enabling that flag
*will* enable the check for the DoS so use it at your own risk.
-jhs
On Mar 30, 2009, at 11:22 AM, John Sawyer wrote:
The Conficker check is in the latest SVN version of Nmap. It's in
the smb-check-vulns.nse which now checks for Conficker, MS08-067 and
a regsvc DoS.
nmap --script smb-check-vulns.nse -p445
For safety's sake, you might want to also run it with --script-
args=unsafe=1 to prevent possible crashes from the regsvc check.
That should not turn off the conficker check.
-jhs
On Mar 30, 2009, at 11:10 AM, Chris Merkel wrote:
According to this:
http://www.theregister.co.uk/2009/03/30/
conficker_signature_discovery/
A script should be released today to scan for conficker-infected
machines over the wire.
I looked at the NSE portal and haven't seen anything yet - would it
show up there, or is there a development site or repository where
this
will first appear?
I'd like to get a scan in before April 1st, when variant C drops.
--
- Chris Merkel
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
