Activity Summary
- 5293 days inactive
- 5293 days old
- pacnog@pacnog.org
- 2 participants
- 1 comments
j
: Next unread message k
: Previous unread message j a
: Jump to all threads
j l
: Jump to MailingList overview
Hello,
Maybe it's just me, but this makes it seem as if you can infect machines with Conficker by scanning the network with NMap.
"Nmap has released a new (beta) release that enables Conficker infections just by scanning the network."
Do I just need more coffee? :-)
scott
--- richard@auscert.org.au wrote:
From: Richard Billington richard@auscert.org.au To: pacnog@pacnog.org Subject: [pacnog] Conficker C - Scanning (remote detection) tool available Date: Tue, 31 Mar 2009 10:09:55 +1000
Hi Teams,
If any of you haven't seen, researchers have found that Conficker leaves a fingerprint because of how it changes the Windows network stack. This fingerprint can be checked for with tools such as nmap.
Nmap has released a new (beta) release that enables Conficker infections just by scanning the network.
For more information (including commands for Conficker scanning) see: http://insecure.org/
An original tool (before it was added into nmap) is also available: http://iv.cs.uni-bonn.de/uploads/media/scs.zip
And further info can be found at these sites: http://www.honeynet.org/ (https://www.honeynet.org/node/389) http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
Happy Scanning
Regards, Richard
-- Security Analyst | Hotline: +61 7 3365 4417 AusCERT | Fax: +61 7 3365 7031 Australia's National CERT | WWW: www.auscert.org.au Brisbane QLD Australia | Email: auscert@auscert.org.au _______________________________________________ pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Hi Scott,
I think it is ME who needs that coffee! It should of course read:
"Nmap has released a new (beta) release that enables _*you to detect*_ Conficker infections just by scanning the network."
Richard
Hello,
Maybe it's just me, but this makes it seem as if you can infect machines with Conficker by scanning the network with NMap.
"Nmap has released a new (beta) release that enables Conficker infections just by scanning the network."
Do I just need more coffee? :-)
scott
--- richard@auscert.org.au wrote:
From: Richard Billington richard@auscert.org.au To: pacnog@pacnog.org Subject: [pacnog] Conficker C - Scanning (remote detection) tool available Date: Tue, 31 Mar 2009 10:09:55 +1000
Hi Teams,
If any of you haven't seen, researchers have found that Conficker leaves a fingerprint because of how it changes the Windows network stack. This fingerprint can be checked for with tools such as nmap.
Nmap has released a new (beta) release that enables Conficker infections just by scanning the network.
For more information (including commands for Conficker scanning) see: http://insecure.org/
An original tool (before it was added into nmap) is also available: http://iv.cs.uni-bonn.de/uploads/media/scs.zip
And further info can be found at these sites: http://www.honeynet.org/ (https://www.honeynet.org/node/389) http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
Happy Scanning
Regards, Richard
-- Security Analyst | Hotline: +61 7 3365 4417 AusCERT | Fax: +61 7 3365 7031 Australia's National CERT | WWW: www.auscert.org.au Brisbane QLD Australia | Email: auscert@auscert.org.au _______________________________________________ pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog