Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Any infections being discovered?
From: Ron <ron () skullsecurity net>
Date: Wed, 01 Apr 2009 09:56:21 -0500

Rathbun, Dan wrote:
We have now scanned over 100,000 IP addresses using Nmap version
4.85BETA6 rev 12822 and apparently we are totally clean.  That sounds
like good news, but I find myself wanting to validate the results.  Has
anyone used the smb-check-vulns.nse script in a production environment
and discovered INFECTION yet?  I don't wish an infection on anyone, of
course, but I just want to know that the detection mechanism is actually
working before I breathe a sigh of relief!

Dan Rathbun
Information Security Director CISSP, GSLC, GSEC, GLEG, GSNA and G7799 Certified

I've had a Pcap running at my network boundary for the past couple weeks. From it, I harvested a list of a couple dozen addresses that have been attacking me. I scanned that list, and ~a dozen or so came back as infected.

Ron

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]