nanog mailing list archives

Re: The Confiker Virus.


From: Paul Ferguson <fergdawgster () gmail com>
Date: Mon, 30 Mar 2009 10:27:15 -0700


On Sun, Mar 29, 2009 at 5:16 PM, Richard Golodner
<rgolodner () infratection com> wrote:


       Joe said earlier today:
Thanks, the only thing is that these, like most, websites are very vague
about the mechanics behind the infiltration

       Joe, the SRI report would be right up your alley as it is the most
technical in its analysis of the variants A and B as well as an
explanation of the algorithm it uses to determine domain names for future
use of some kind.

http://mtc.sri.com/Conficker/


Something folks might be interested in -- a way to detect
Conficker-infected hosts in your network:

https://www.honeynet.org/node/389

FYI,

- - ferg




-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

