Deutsch | English

Detecting Conficker in your Network

2009/02/11

Description of a method to detect earlystate Conficker worm infections through blocklists fitting the needs of small and medium enterprises.


Download

Publication Date

2009/02/11

Author

Adi Kriegisch

Language

English

Download

You can download the full document in pdf format here.

Content

Conficker is a computer worm spreading on Windows operating system by mainly using a buffer overflow or the Windows Autorun feature. The worm itself does not contain malware functions but contains a routine to load such code after infection. The purpose of this article is to sketch a way to detect such a worm in a small to medium business network as early as possible so that the effects of the worm can be minimized.
Last Change: 2013/7/17 - 17:00:10
Haftungsausschluss / Data Protection & Privacy Policy