Unpack Impacket into a folder, then install Impacket from a command line with c:\python26\python setup.py install
Run the scanner with the command c:\python26\python scs.py [start_ip] [end_ip]
(Hat tip to an AC comment at El Reg [theregister.co.uk]).
Just a warning - it runs like a dog. I found that a passive Honeypot like Honeybot [atomicsoft...utions.com] works well and is easier to install.
I have no mod points, but the links in the actual story have zero information on actually running a scan. I'm scanning my office network right now solely because of this comment.
Has anyone manage to find an infect machine this way ? All I get is "No resp.".
Since I'm a bit paranoid, my first reaction is that the tool is not working. Trusting ALL networks I scanned (about 2000 computers, including several notebooks) are not infected is just not in my nature.
The scanner needs to connect to port 445 of the target - if it's blocked by a firewall, you'll get a "No resp.".
(BTW - links in the GP will also help you getting the scanner running under Linux - I just had to install Impacket and run the scanner)
I actually installed both Impacket and Crypto, just to get rid of that warning.
In any case, I'm running this on LANs, so there are no firewalls on the way. I'm not randomly scanning people on the internet. And yes, I am authorized to do this kind of thing on these networks.
I finally managed to find some infected hosts on one of the networks. Weird enough, I'm feeling much better now, knowing I can trust the results I've got on the others.
Window HOWTO (Score:5, Informative)
(Hat tip to an AC comment at El Reg [theregister.co.uk]). Just a warning - it runs like a dog. I found that a passive Honeypot like Honeybot [atomicsoft...utions.com] works well and is easier to install.
mod parent up (Score:2)
I have no mod points, but the links in the actual story have zero information on actually running a scan. I'm scanning my office network right now solely because of this comment.
Re: (Score:2)
Has anyone manage to find an infect machine this way ? All I get is "No resp.".
Since I'm a bit paranoid, my first reaction is that the tool is not working. Trusting ALL networks I scanned (about 2000 computers, including several notebooks) are not infected is just not in my nature.
Re: (Score:3, Informative)
Re: (Score:3, Informative)
I actually installed both Impacket and Crypto, just to get rid of that warning.
In any case, I'm running this on LANs, so there are no firewalls on the way. I'm not randomly scanning people on the internet. And yes, I am authorized to do this kind of thing on these networks.
Re: (Score:2)
check and make sure the built in Windows firewall on the hosts you are trying to check is not blocking the request.
Re: (Score:2)
I finally managed to find some infected hosts on one of the networks. Weird enough, I'm feeling much better now, knowing I can trust the results I've got on the others.
Looks like the tool works nicely, as advertised.
Re: (Score:1)
Re: (Score:2)
http://www.amk.ca/python/code/crypto.html [www.amk.ca]
Re: (Score:2)
Re: (Score:2)
On linux you can use
easy_install impacket
to install impacket if it isn't in your repository (you need the setuptools package for python however)
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)