Educause Security Discussion mailing list archives

Re: Conflicker/NMAP

From: "Greg T. Grimes" <greg.grimes () MSSTATE EDU>
Date: Tue, 31 Mar 2009 09:30:08 -0500

It's Conficker, not Conflicker.  It's also known as Downadup.  And as most
security researches have stated, it's not as big a threat as is being
portrayed in the media.  If your computers are patched and virus
definitions are up to date then you shouldn't have anything to worry
about.  Currently Conficker isn't our problem it's Trojan.Flush.M.  If you
haven't heard about this one, be on the look out for people using offsite
DNS.

On Tue, 31 Mar 2009, Consolvo, Corbett D wrote:

I realize many folks may not want to answer this, but has anyone had
many positives/infections with the released nmap scan for Conflicker?  So
far we seem to be coming up clean and many other folks I've talked to or
emailed with have come up clean as well.  I'm just concerned about the
possibility of false negatives.  Of course, the problem may not be
particularly wide-spread except in the eyes of some media outlets.

Thanks,
Corbett Consolvo
Texas State University


--
Greg T. Grimes
Senior Network Analyst
Information Technology Services
Mississippi State University
greg.grimes () msstate edu

Current thread:

Conflicker/NMAP Consolvo, Corbett D (Mar 31)
- <Possible follow-ups>
- Re: Conflicker/NMAP Stanclift, Michael (Mar 31)
- Re: Conflicker/NMAP Harris, Michael C. (Mar 31)
- Re: Conflicker/NMAP Greg T. Grimes (Mar 31)
- Re: Conflicker/NMAP Jason S. Cash (Mar 31)
- Re: Conflicker/NMAP David Boyer (Mar 31)
- Re: Conflicker/NMAP Ken Connelly (Mar 31)
- Re: Conflicker/NMAP Jason Testart (Mar 31)
- Re: Conflicker/NMAP Jason Frisvold (Mar 31)
- Re: Conflicker/NMAP Mike Austin (Mar 31)
- Re: Conflicker/NMAP King, Ronald A. (Mar 31)
- Re: Conflicker/NMAP John Sawyer (Mar 31)
- Re: Conflicker/NMAP Jerry Sell (Mar 31)
- Re: Conflicker/NMAP Pete Hickey (Mar 31)

(Thread continues...)