-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Mar 29, 2009 at 5:16 PM, Richard Golodner <rgolod...@infratection.com> wrote:
> > Joe said earlier today: >> Thanks, the only thing is that these, like most, websites are very vague > about the mechanics behind the infiltration > > Joe, the SRI report would be right up your alley as it is the most > technical in its analysis of the variants A and B as well as an > explanation of the algorithm it uses to determine domain names for future > use of some kind. > > http://mtc.sri.com/Conficker/ > Something folks might be interested in -- a way to detect Conficker-infected hosts in your network: https://www.honeynet.org/node/389 FYI, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFJ0QDjq1pz9mNUZTMRAm7SAJ9MZo33Vok1uvyB4H7DML1gUKRlPQCggWtC bL4g6kI0sc75IDu/fYzv8yI= =HpOH -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
