
Conficker C


LauBen

Guys & Gals,

The researchers at SRI International have updated their Conficker paper today. This is by far one of the best analyses of the Conficker malware I have ever read. More malware information is available at SRI's Malware Resource Center, and their URL is http://mtc.sri.com/

These guys produce some of the best analysis of Malware I have ever read. If you are after more intel on botnets and the C&C used by them then take a look at their site. Also if you would like to monitor your own network, then they have a tool called BOTHunter which will monitor the traffic being sent across your network and alert you to any BOTNET traffic.

I use it along with Honeyd and it rocks!

I'm sure you guys and gals have already read it and know the dudes at SRI but just in case.

ISC has a lot of good stuff on conficker/downadup as well. They probably at one point or another link to the tools you spoke of, as they offer a lot of detailed analysis of their own. I check them about once a week for new threats and things to look out for. http://isc.sans.org/ Also a good read if you like this sort of stuff.

http://isc.sans.org/diary.html?storyid=6043

What's the conficker??

Wow. Well it is the largest, and most versatile botnet in the world that has been detected. Microsoft have offered a 250.000 bounty for the creators. There are three releases or modules, a, b and c. C has been the most aggressive by far, blocking access to possible fix sites by keywords such as "norton" etc.

It spread using Windows exploits, and so you can probably guess it is aimed at the Windows OSes. If you want more info, there is a post in this subforum, and a post by digininja in the "botnet tutorial" thread that travels into excessive detail. Darknet.org.uk has the info you probably want in a nice CNN-style bulletin, as opposed to a 40 page analysis.

And that is my longest post to date, phew!

linux ftw .. windaz confarked lol

Not to start a flame war, but you are only as secure as the user sitting behind the keyboard. Every system is prone to attacks, Microsoft just happens to be the world's biggest target because it has the largest user base.

http://en.wikipedia.org/wiki/List_of_Linux...viruses#Threats
