27th September 2009 - NMAP Information
Par Marc Blanchard [Virus Docteur], dimanche 27 septembre 2009 à 20:12 :: Epidemiology - english section - :: #76 :: rss :: PDF
The 27th September 2009, two researchers shared with me an interesting tool that check the complete network with linux NMAP.
Here is the description:
Installation :
With the latest distributions of RedHat, CentOs or Fedora, download this package :
- yum install nmap
__If you use other distribs, proceed to this part and compile the package. If you use 64bits OS, please install libstdc++__
wget http://nmap.org/dist/nmap-5.00.tar.bz2
tar xjfv nmap-5.00.tar.bz2
cd nmap-5.00
./configure
make
make install
How to use :
Type following sentence :
nmap -PN 192.168.0.0/24 -p139,445 -n -v -script smb-check-vulns -script-args safe=1
If you want to log to report, please type :
nmap -PN 192.168.0.0/24 -p139,445 -n -v -script smb-check-vulns -script-args safe=1 >> /directory/resultat.log
NOTA: on these arguments, please double this caracter '-' the native argument (bug on DotClear): -script smb-check-vulns -script-args
All infected computers will be tagged as INFECTED
CONCLUSION :
This procedure only shows you that some computers of your network are infected, but this tool will not clean it.
Commentaires
Aucun commentaire pour le moment.
Ajouter un commentaire