Also Known As:
TA08-297A (other)
CVE-2008-4250 (other)
VU827267 (other)
Win32/Conficker.A (CA)
Mal/Conficker-A (Sophos)
Trojan.Win32.Agent.bccs (Kaspersky)
W32.Downadup.B (Symantec)
Confickr (other)
Summary
Worm:Win32/Conficker.B is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.
In this article we'll be using the awesome open-source nmap network scanning engine. In this example I will be preforming my scan from a Linux box. However you can use other OSs.
Y. Park, D. Reeves, V. Mulukutla, und B. Sundaravel. Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, Seite 45:1--45:4. New York, NY, USA, ACM, (2010)
C. Szongott, B. Henne, und M. Smith. Wireless and Mobile Computing, Networking and Communications (WiMob), 2012 IEEE 7th International Conference on, (2012)
D. Bruschi, L. Martignoni, und M. Monga. Detection of Intrusions and Malware & Vulnerability
Assessment, Volume 4064 von LNCS, Springer, Berlin/Heidelberg, Berlin, Germany, (2006)
H. Pareek, S. Romana, und P. Eswari. International Journal of Computer Science, Engineering and Information Technology (IJCSEIT), 2 (5):
13-18(Oktober 2012)
P. Bobade, S. Wadekar, N. Pagare, und K.S.Warke. International Journal of Innovative Science and Modern Engineering (IJISME), 2 (2):
14-15(Januar 2014)