Mac users are largely immune to the world of virus and trojans, but it’s not uncommon for you to be a Mac user in a LAN sea of Windows PC’s. The Conficker Virus is Windows only but it’s garnering a lot of attention, so if you’re on a Windows LAN at home, work, or school, you may want to check if the Windows machines are vulnerable or infected with Conficker. You can do this from your immune Mac OS X machine pretty easily with a cool command line utility called nmap. Here are the steps:

1) First you need to install the command line tool nmap, you can download the OS X install package from the official nmap site here. I recommend downloading the latest beta version to have the most up-to-date scanning scripts.

2) Use nmap to search your LAN for vulnerabilities to Conficker by using the following command:
nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.0.1-254
Note: Be sure to substitute the IP range for your LAN, so this may be something other than the IP range above, like 10.1.1.10-100

3) Examine the output of nmap, you are looking for something like this to tell if you have a problem:
Host script results:
| smb-check-vulns:
| MS08-067: FIXED
| Conficker: Likely INFECTED
|_ regsvc DoS: VULNERABLE


If you find a Windows PC that is likely infected, you can follow the following two Microsoft knowledge-base articles to help you out: Protection from Conficker for Consumers and Conficker Protection for IT Professionals – we won’t cover the details here because this is a Mac site.

Nobody really knows if Conficker is dangerous or not, but we’ll all likely find out soon as April 1st is some mystery execution date – it could be a joke or the Windows world could explode into calamity, we’ll see. You can read more about the nmap Conficker scan script we reference above here. It’s worth mentioning that you can install nmap with MacPorts, but the version included in MacPorts is nmap 4.60 and does not contain the script we want to use for this scan, which is why I recommend installing the latest beta version (as of now, nmap 4.85b5).

It’s very easy to mirror an entire web site on your local machine thanks to the terminal command wget, here’s how to do it:

Launch the Terminal and type the following command, replacing guimp.com (a tiny website) with the URL you desire to mirror locally.

wget -m http://www.guimp.com/

This will download the entire site on your local drive in a directory named the websites URL… note that this isn’t a particularly effective way to truly backup a website and it’s functionality, it’s simply mirroring it locally.

Note: various readers pointed out that wget is not installed in Mac OS X by default and that you’ll need to install it using MacPorts, you can check out our past article on installing MacPorts or visit the developer website at macports.org. MacPorts is a very useful tool allowing you to easily install open source software packages and is highly recommended for moderate to advanced OS X users, or those interested in the command line.