AnsweredAssumed Answered

How to create a specific (targeted) scan profile limited to Conficker remote detection only?

Question asked by q-community on Feb 12, 2013
Latest reply on Mar 11, 2013 by q-community

Like many others we still sometimes suffer from Conficker and as such for a dedicated Subnet in our Service Department I want to perform regular scans just to identify conficker infected legacy systems. My question is now how an Option Profile for Conficker is to be created?

Is it sufficinet to set TCP, UDP Ports and other settings to  "None" just providing the Option Profile with QID 1227 and finally the correct ports will be scanned or is it a more complex setup where I need to understand more about Conficker itself to create the correct profile?


Didn't find any kind of manual on "targeted" option profiles based on QIDs and would appreciate any hint.