Skip to content

conficker

Detect Conficker Worm With nmap 4.85BETA6 on Arch Linux

As I’m sure you’ve all heard, today is April Fools and the day that the conficker worm is set to… well, do something. I haven’t read any reports on just exactly what it has done, if anything today, but I was able to come up with a solution that will allow you to scan for it using Arch Linux and the latest-greatest build of nmap. I just ran a scan on my home network and didn’t find anything (granted I only have Arch Linux, FreeBSD and Mac OS X machines here), but the same steps can be used to scan your office networks if you’re still wondering about being vulnerable. I will outline below how to install the Arch Build System (ABS), update the PKGBUILD for nmap to install the latest nmap and finally how to scan a range of networks for the conficker worm. Installation via ABS To build the latest-greatest copy of nmap we’ll use the ABS and simply update the PKGBUILD information. Read more