From: Richard Billington
Subject: [pacnog] Conficker C - Scanning (remote detection) tool
available
To: pacnog@pacnog.org
Message-ID: <200903310009.n2V09t8C066967@app.auscert.org.au>
Hi Teams,
If any of you haven't seen, researchers have found that Conficker leaves a
fingerprint because of how it changes the Windows network stack. This
fingerprint can be checked for with tools such as nmap.
Nmap has released a new (beta) release that enables Conficker infections
just by scanning the network.
For more information (including commands for Conficker scanning) see:
http://insecure.org/
An original tool (before it was added into nmap) is also available:
http://iv.cs.uni-bonn.de/uploads/media/scs.zip
And further info can be found at these sites:
http://www.honeynet.org/
(https://www.honeynet.org/node/389)
http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
Happy Scanning
Regards,
Richard
各国のNOGで「Conficker」についての情報が求められています。
明日なにか行動を起こすと言われていますし。
世界で一番早く4/1を迎える南太平洋諸国が一番敏感かもしれません。
その次が豪州と東アジア。欧州と北米はその被害状況を見つつ行動できますね。
#AntiVirusメーカーは対処に追われるでしょうが。
0 件のコメント:
コメントを投稿