Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: How to use Nmap to scan very large networks for Conficker
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 31 Mar 2009 08:05:59 +0000

You're the second person to report this to me. The other gentleman built from the tarball on Fedora 9. I'll forward/gather more information when I'm in front of a computer.

Brandon

Sent from my phone. If you would like a digital signature for this email let me know and I will sign it later.


On Mar 31, 2009, at 8:01, Lionel Cons <lionel.cons () cern ch> wrote:

Brandon Enright <bmenrigh () ucsd edu> writes:
sudo nmap -sC --script=smb-check-vulns --script-args=safe=1 -p445 \
-d -PN -n -T4  --min-hostgroup 256 --min-parallelism 64 \
-oA conficker_scan <your network(s) here>

This looks great but when I run it I get after some time:

[...]
Discovered open port 445/tcp on 10.1.166.22
Discovered open port 445/tcp on 10.1.161.22
Completed SYN Stealth Scan at 09:58, 1.90s elapsed (1024 total ports)
Overall sending rates: 653.08 packets / s, 28735.55 bytes / s.
NSE: Initiating script scanning.
NSE: Script scanning 1024 hosts.
NSE: Matching rules.
NSE: Running scripts.
NSE: Runlevel: 2.000000
Initiating NSE at 09:58
Running 3 script threads:
NSE (47.564s): Starting smb-check-vulns against 10.1.161.21.
NSE (47.564s): Starting smb-check-vulns against 10.1.161.22.
NSE (47.564s): Starting smb-check-vulns against 10.1.166.22.
evp_enc.c(261): OpenSSL internal error, assertion failed: inl > 0
Aborted

Any clue?

Cheers,

Lionel Cons

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]