LauBen Posted March 20, 2009
Guys & Gals, The researchers at SRI International have updated their Conficker paper today. This is by far one of the best analyses of the Conficker malware I have ever read. More malware information is available at SRI's Malware Resource Center, and their URL is http://mtc.sri.com/ These guys produce some of the best analysis of malware I have ever read. If you are after more intel on botnets and the C&C used by them then take a look at their site. Also if you would like to monitor your own network, then they have a tool called BOTHunter which will monitor the traffic being sent across your network and alert you to any BOTNET traffic. I use it along with Honeyd and it rocks! I'm sure you guys and gals have already read it and know the dudes at SRI but just in case.

digip Posted March 20, 2009
ISC has a lot of good stuff on Conficker/Downadup as well. They probably at one point or another link to the tools you spoke of, as they offer a lot of detailed analysis of their own. I check them about once a week for new threats and things to look out for. http://isc.sans.org/ Also a good read if you like this sort of stuff. http://isc.sans.org/diary.html?storyid=6043

will-wtf Posted March 23, 2009
Thanks for this guys!

catchyanow Posted March 24, 2009
What's the Conficker??

will-wtf Posted March 24, 2009
> What's the Conficker??
Wow. Well, it is the largest and most versatile botnet in the world that has been detected. Microsoft have offered 250.000 bounty for the creators. There are three releases or modules, a, b and c. C has been the most aggressive by far, blocking access to possible fix sites by keywords such as "norton" etc. It spread using Windows exploits, and so you can probably guess it is aimed at the Windows OSes. If you want more info, there is a post in this subforum, and a post by digininja in the "botnet tutorial" thread that travels into excessive detail. Darknet.org.uk has the info you probably want in a nice CNN-style bulletin, as opposed to a 40 page analysis. And that is my longest post to date, phew!

deltatsunami Posted April 3, 2009
Thanks for the link, I think it will be useful in the future. MTC is one nice group.

0x3 Posted April 10, 2009
download scs scanner for conficker checker in your network ...
scs.py <192.168.1.1> <192.168.1.254>

unixpro Posted April 17, 2009
linux ftw .. windaz confarked lol

digip Posted April 17, 2009
> linux ftw .. windaz confarked lol
Not to start a flame war, but you are only as secure as the user sitting behind the keyboard. Every system is prone to attacks; Microsoft just happens to be the world's biggest target because it has the largest user base. http://en.wikipedia.org/wiki/List_of_Linux...viruses#Threats

shonen Posted April 17, 2009
*nods* I concur, digip. As much as I like Linux over Windows there is no need for that Mac elitist type fanboy attitude. =P