Conficker links

Tomorrow is phone home day for Conficker…

 

I went over today’s links from security people I follow on twitter. Dan Kaminsky (of last years DNS fame) has one of the best interview articles I’ve seen on Conficker at a high level and new tools related, but here are some additional docs:

http://isc.sans.org/conficker – SANS ISC Entry of third party removal tools

http://www.honeynet.org/papers/conficker/ – Know Your Enemy: Containing Conficker.

http://seclists.org/nmap-dev/2009/q1/0870.html – Nmap Scripting Engine script for detection.

http://securitylabs.websense.com/content/Alerts/3329.aspx – Some Technical nitty gritty of it by websense.

http://www.doxpara.com/?p=1294 – Packaged, updated, stand alone scanner by Kaminsky (rebuild the py2exe, Tillmann and Felix’s scs code, now with Core’s impacket library safely embedded); as well as more links for windows (nmap) scanning.

http://blog.tenablesecurity.com/2009/03/detecting-conficker-with-nessus.html – nessus plugin blog update

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx – Microsoft’s “Protect yourself from the Conficker computer worm” entry.

Leave a Reply

Your email address will not be published. Required fields are marked *