[nsp-sec] Fwd: Conficker Remediation Effort (try this again)
Russell Fulton
r.fulton at auckland.ac.nz
Sun Mar 29 12:58:38 EDT 2009
Begin forwarded message:
>
> 4/1 should be a MAJOR non-event:) Lets make it conficker clean up
> day instead but without the hype.
>
Agreed.
One thought I had is that the 4/1 change should make it easier to spot
conficker infections based on DNS traffic. Presumably they will need
to do a lot of look ups that fail. Has anyone looked at this? We
have an CS MSc student looking at DNS responses so I thought I might
throw this one his way.
Russell
More information about the nsp-security
mailing list