- 5112 days inactive
- 5112 days old
- 1 participants
- 0 comments
j: Next unread message
k: Previous unread message
j a: Jump to all threads
j l: Jump to MailingList overview
If any of you haven't seen, researchers have found that Conficker leaves a fingerprint because of how it changes the Windows network stack. This fingerprint can be checked for with tools such as nmap.
Nmap has released a new (beta) release that enables Conficker infections just by scanning the network.
For more information (including commands for Conficker scanning) see: http://insecure.org/
An original tool (before it was added into nmap) is also available: http://iv.cs.uni-bonn.de/uploads/media/scs.zip
And further info can be found at these sites: http://www.honeynet.org/ (https://www.honeynet.org/node/389) http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
-- Security Analyst | Hotline: +61 7 3365 4417 AusCERT | Fax: +61 7 3365 7031 Australia's National CERT | WWW: www.auscert.org.au Brisbane QLD Australia | Email: email@example.com