« previous next »
Pages: 1 [2] 3 4 5   Go Down

Author Topic: Conficker/Downadup news  (Read 42995 times)

0 Members and 1 Guest are viewing this topic.

February 01, 2009, 06:47:31 pm
Reply #15

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
There is one thing which has not mentioned in all the reports about Downadup.

Downadup doesn't use domain names in HTTP requests. It does a DNS lookup first
and then uses the IP address for the request.

This makes blacklisting of domain names on a proxy server completely useless.
I made this experience myself.

Logged
Ruining the bad guy's day
February 09, 2009, 07:46:10 am
Reply #16

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Some tricks from Conficker's bag
http://isc.sans.org/diary.html?storyid=5830
Logged
Ruining the bad guy's day
February 10, 2009, 12:55:59 am
Reply #17

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
February 10, 2009, 01:12:50 am
Reply #18

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
February 10, 2009, 08:24:28 pm
Reply #19

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
More tricks from Conficker and VM detection
http://isc.sans.org/diary.html?storyid=5842
Logged
Ruining the bad guy's day
February 12, 2009, 05:11:38 pm
Reply #20

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
February 12, 2009, 09:03:50 pm
Reply #21

Serg

  • Special Members
  • Sr. Member
  • Offline
  • *
  • 132
Re: Conficker/Downadup news
Microsoft offers $250,000 reward for Conficker arrest and conviction.
http://www.microsoft.com/Presspass/press/2009/feb09/02-12ConfickerPR.mspx?rss_fdn=Press%20Releases
 PS. Sorry for my stupid paint brush ::)
Logged
February 13, 2009, 08:47:41 am
Reply #22

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Quote from: Serg on February 12, 2009, 09:03:50 pm
PS. Sorry for my stupid paint brush ::)

Nice.  ;D
Logged
Ruining the bad guy's day
February 13, 2009, 09:24:40 am
Reply #23

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Conficker links by isc.sans.org
http://isc.sans.org/diary.html?storyid=5860
Logged
Ruining the bad guy's day
February 13, 2009, 04:16:22 pm
Reply #24

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
An Analysis of Conficker's Logic and Rendezvous Points
http://mtc.sri.com/Conficker/
Logged
Ruining the bad guy's day
February 18, 2009, 07:41:40 pm
Reply #25

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
February 19, 2009, 08:37:34 pm
Reply #26

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
February 23, 2009, 10:23:46 pm
Reply #27

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
March 01, 2009, 12:59:14 pm
Reply #28

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Conficker Collateral Damage for March 2009
http://www.sophos.com/security/blog/2009/03/3457.html
Logged
Ruining the bad guy's day
March 02, 2009, 07:17:58 am
Reply #29

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: Conficker/Downadup news
Logged
Ruining the bad guy's day
Pages: 1 [2] 3 4 5   Go Up
« previous next »