Using Conficker’s Tricks To Root Out Infections

iago-vL writes “Despite having their domain blacklisted by Conficker, the folks at Nmap have released version 4.85BETA8, which promises better detection of the Conficker worm. How? By talking to it on its own peer-to-peer network! By sending encrypted messages to a suspect host, the tools will get Conficker.C and higher to reveal itself. This curious case of using Conficker’s own tricks to find it is similar to the last method that we discussed. More information from the author is available, as well as a download for the new release (or, if you’re a Conficker refugee, try a mirror instead).”

Read more of this story at Slashdot.

Share

Tags: , ,

This entry was posted on Wednesday, April 22nd, 2009 at and is filed under . You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.