Network wide Conficker scanning
|
|
The Conficker worm has infected several million computers since it first started spreading in late 2008. In this paper German developers presented several potential methods to repel Conficker. The approaches presented take advantage of the way Conficker patches infected systems, which can be used to remotely detect a compromised system. They also provided freely available tools including source code on their website. They also described how to use these findings which allows system administrators to quickly and easily scan their networks for infected hosts and to create rules for use in intrusion detection systems. Developers already started to integrate these findings in their network security scanner and equivalent tools like Nmap and Nessus. This article shows how to use four different methods to scan for Conficker infected machines in your network.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
