Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using Conficker's Tricks To Root Out Infections

Posted by Soulskill on from the fighting-fire-with-thermometers dept.

iago-vL writes "Despite having their domain blacklisted by Conficker, the folks at Nmap have released version 4.85BETA8, which promises better detection of the Conficker worm. How? By talking to it on its own peer-to-peer network! By sending encrypted messages to a suspect host, the tools will get Conficker.C and higher to reveal itself. This curious case of using Conficker's own tricks to find it is similar to the last method that we discussed. More information from the author is available, as well as a download for the new release (or, if you're a Conficker refugee, try a mirror instead)."

4 of 117 comments (clear)

  1. Am I the only one... by Bicx · · Score: 5, Interesting

    that thinks Conficker is actually really cool? I mean, damage aside, it's pretty darn impressive.

    1. Re:Am I the only one... by Rogerborg · · Score: 5, Funny

      Sharks are pretty cool too, right up to the point where they start chewing on your leg. I guess it takes distance to gain perspective.

      --
      If you were blocking sigs, you wouldn't have to read this.
    2. Re:Am I the only one... by fuzzyfuzzyfungus · · Score: 5, Funny

      You have to have decent balance; but there is nothing stopping you from doing both. In fact, a friendly overture often puts the target at ease, making them easier to hit.

  2. Re:Happy middle? by Trikki+Nikki! · · Score: 5, Funny

    I would just like to say that I read Slashdot at work, and in the future I would appreciate if you people could stop posting comments that cause me to giggle uncontrollably and thus urinate in my cubicle. It has become a great concern to my boss, as I am unable to explain the real reason behind my lack of bladder control. Thanks in advance.

    --
    i r in ur /.s girling up ur storiez