funsec mailing list archives
Re: Disabling Conficker "DNS Lookup Blocking"...
From: Paul Ferguson <fergdawgster () gmail com>
Date: Tue, 31 Mar 2009 21:39:37 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Mar 31, 2009 at 9:25 PM, Richard Golodner <rgolodner () infratection com> wrote:
Paul F said tonight: "Trend Micro engineers have discovered that if you open a DOS shell window, and enter "net stop dnscache", infected systems can then reach the domains initially blocked by Conficker."
Paul, nice work. You just saved a lot of people a good deal of aggravation by helping them to be able to update their machines. Good job over there at Trend Micro.
Thanks for the kind words. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFJ0u//q1pz9mNUZTMRAsFgAKDgOekKfLoWJpv79nuXHsqIJbI26wCgo3B9 0PVW7PW47gmAcqn+W1NTZq0= =ICx0 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Disabling Conficker "DNS Lookup Blocking"... Paul Ferguson (Apr 01)