Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: C|Net serving malware with nmap software - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
C|Net serving malware with nmap software

Fyodor from and the creator of nmap has issued the following statement on the nmap-hackers mailing list today.

nmap is one the most respected networking tools available.
This is just another example that it is easy to be duped.

Downloaders beware. Stay vigilant.

ISC Handler on Duty

Kevin Shortt

85 Posts
ISC Handler
Dec 6th 2011
CNet has been doing this for a long time. I refuse to download anything from them. Why bother when sourceforge is a billion times faster, anyways?
I would like to see more sites post the hash value of the official package right next to the download button. While not perfect it would definitely influence me not to install a package that didn't compute.
I uninstalled the CNET tracker from my Mac just today...used to hit it every day for updates and new apps. but not now.

35 Posts
That's WHY I only download applications from the source, rather than second party sites.
Too easy to end up having to format and reimage my machine otherwise.

8 Posts
I don't know that I would categorize the Bing! toolbar as malware. It's not like that, and having your default web page changed to Microsoft, are the same thing as being hit with Blackhole, Zbot, etc. Is it annoying, rude, and a flagrant violation of Nmap's terms of use? Absolutely. But malware? Not by any definition I've seen

3 Posts

File name: [b]29d0ca5df3dd63a69630a1bbdbfbcfdad6271702[/b]
Submission date: 2011-12-07 06:34:59 (UTC)
Result: 7/43 (16.3%)

160 Posts

Sign Up for Free or Log In to start participating in the conversation!