mailing list archives
Question - script: p2p-conficker
From: Joe.Lemak () omya com
Date: Mon, 20 Jan 2014 18:50:31 -0500
I am trying to identify internal IP of infected host with conficker.
I am running script: p2p-conficker
I am following recommendation:
Run the scripts against all active hosts (recommended)
nmap -p139,445 -vv --script p2p-conficker,smb-os-discovery,smb-check-vulns
--script-args=checkconficker=1,safe=1 -T4 <host>
The command will find hosts and lists open/closed port 139 and 445,
however no infection found yet.
This a comment in a script description:
"This check won't work properly on a multihomed or NATed system because
the open ports will be based on a nonpublic IP"
Does the above script comment is saying that it will not work on my
internal network using private IPs?
Network Systems Engineer
9987 Carver Rd, Suite 300
Cincinnati, Ohio 45242
+1 513 387 4367
Mobile:+1 513 515 9263
Fax:+1 513 672 2073
eMail: Joe.Lemak () omya com
"This message contains information that may be confidential or privileged and
only for the individual or entity named above. No one else may disclose, copy,
or use the contents of this message. Unauthorized use, dissemination and
is strictly prohibited, and may be unlawful. All personal messages express
of the sender, which are not to be attributed to Omya AG and its subsidiaries
If you received this message in error, please notify the Sender and delete this
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
- Question - script: p2p-conficker Joe . Lemak (Jan 22)