mailing list archives
Re: How to use Nmap to scan very large networks for Conficker
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 31 Mar 2009 08:05:59 +0000
You're the second person to report this to me. The other gentleman
built from the tarball on Fedora 9. I'll forward/gather more
information when I'm in front of a computer.
Sent from my phone. If you would like a digital signature for this
email let me know and I will sign it later.
On Mar 31, 2009, at 8:01, Lionel Cons <lionel.cons () cern ch> wrote:
Brandon Enright <bmenrigh () ucsd edu> writes:
sudo nmap -sC --script=smb-check-vulns --script-args=safe=1 -p445 \
-d -PN -n -T4 --min-hostgroup 256 --min-parallelism 64 \
-oA conficker_scan <your network(s) here>
This looks great but when I run it I get after some time:
Discovered open port 445/tcp on 10.1.166.22
Discovered open port 445/tcp on 10.1.161.22
Completed SYN Stealth Scan at 09:58, 1.90s elapsed (1024 total ports)
Overall sending rates: 653.08 packets / s, 28735.55 bytes / s.
NSE: Initiating script scanning.
NSE: Script scanning 1024 hosts.
NSE: Matching rules.
NSE: Running scripts.
NSE: Runlevel: 2.000000
Initiating NSE at 09:58
Running 3 script threads:
NSE (47.564s): Starting smb-check-vulns against 10.1.161.21.
NSE (47.564s): Starting smb-check-vulns against 10.1.161.22.
NSE (47.564s): Starting smb-check-vulns against 10.1.166.22.
evp_enc.c(261): OpenSSL internal error, assertion failed: inl > 0
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org