• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

How to detect a malware in my network using NMAP?

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Networking

View previous topic :: View next topic  
Author Message
rpk2006
Just Arrived
Just Arrived


Joined: 26 Nov 2004
Posts: 0


Offline

PostPosted: Mon Jan 03, 2011 8:36 pm    Post subject: How to detect a malware in my network using NMAP? Reply with quote

I just installed NMAP on my PC. Though I have a 3.1 Mbps internet connection, it runs very slow. I scanned my whole hard-disk with anti-virus, contacted customer support of my ISP and done everything but it is not improving.

Sometimes I think any worm is consuming the bandwidth and it is probably not detected by the anti-virus.

What type of information to trace using NMAP if any such malware is there?
Back to top
View user's profile Send private message
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Mon Jan 03, 2011 11:37 pm    Post subject: Reply with quote

Nmap is a port scanner. What this means is that it will send a variety of packets to a pre-determined (by you) series of ports to see if there is an active socket listening for incoming connections.

What I am trying to say is that Nmap is not really what you should be using to see if you have malware on your computer. Please give us some more information about your platform ie: you running Microsoft Windows (if so what version and service pack) or are you running Linux/BSD/Mac and so on.

Please help us help you by giving us as much information as possible. As with all things in life, try and find the breakpoint. Where are things going wrong? Once you are able to diagnose the problem you will be able to correct it.

p.s we have an excellent malware forum here. You may wish to yourself of their services and expertise.
Back to top
View user's profile Send private message Visit poster's website
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Fri Jan 07, 2011 11:10 pm    Post subject: Reply with quote

Also to note, nmap is not the quickest of programs either. It really depends on what you are scanning and what options you are using.

I have waited 30 minutes for scans to finish before and then I wasnt scanning whole subnets either.

Matt
Back to top
View user's profile Send private message
rpk2006
Just Arrived
Just Arrived


Joined: 26 Nov 2004
Posts: 0


Offline

PostPosted: Mon Jan 10, 2011 5:14 pm    Post subject: Reply with quote

Thanks for the replies.

I am using Windows 7. On other machines running Windows XP, I have installed a HoneyPot to capture web-traffic streams. Daily I get malicious URLs pointing to a remote file that might contain malicious code.

Please suggest some ways on how to monitor these streams effectively and identify potential threats. In the last few days I noticed few malwares just skipped the detection of many reputed anti-virus engines.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Networking All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter