Detecting Conficker – Updated

by kriggins on March 30, 2009

in Tools

Well, sometimes copy and paste works and sometimes it doesn't. The link was broken. Go here: http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/

About half way down the page is a proof of concept network scanner put together by Felix Leder and Tillman that can detect if a system is infected with Conficker. No system access or authentication needed. Great job gentlemen.

I also understand there is a Nessus plugin available now and also a nmap NSE script on the svn respository.

Reblog this post [with Zemanta]

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: