Conficker is possibly the most fearsome worm of all time. Its capabilities has researchers, the industry and security practitioners worried. It infects via infected portable drives, exploiting unpatched Windows systems or by brute forcing weak passwords. The C variant is awaiting instructions from its author(s) tomorrow... 1st April 2009 aka "April Fool's Day". No joke!!!
Academic research paper and proof-of-concept detection tools here.
Nmap v4.85 Beta 5 supports Conficker detection as well.
nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]
Nessus has a new plugin to detect Conficker too.
Folks... you've been warned before. Disable Autorun, patch your OSs and use strong passwords.
Update: Conficker blocks access to security websites. Here is a simple test to verify if your system might have been infected.
skip to main |
skip to sidebar
About Me
- nephos
- Singapore
- Movie buff, food critic, couch potato, Star Wars fanatic, Cloud lover, Pool Shark, procrastinator, thoughtful, friendly, die-hard Blackburn and Lakers fan, basketball nut and occasional antagonist
Labels
My Fav Links
Blog Archive
-
▼
2009
(237)
-
▼
March
(20)
- Conficker
- Lights out
- BIOS rootkit
- Routers turned into bots
- T3 revisited
- Turn off the lights
- Singapore Flyer + Henderson Wave
- Another faulty Apple component!!!
- 2 minutes???
- Attempted Sumitomo Bank heist
- More editing
- FAT
- Museum outing
- BBC botnet
- "Popping"
- Clear blue sky
- Spot the rainbow
- Free space
- Bypassed!
- View from the ledge
-
▼
March
(20)
2 comments:
scary!
It was only a matter of time. I've preached about the loopholes for years.
Post a Comment