Monday, March 30, 2009

Treating Conficker just in time

Security analysis and penetration testing have made another breakthrough, winning a partial battle against the Conficker worm. For the first time, signatures are available for at least a dozen network scanning tools. Security experts discovered that the malware leaves a fingerprint on an infected machine, and that this fingerprint can be detected by off-the-shelf network scanners. This method is very inexpensive and efficient.

On the other hand, discovery is still in progress: certain pieces of software are not easy to find, but security experts are quite hopeful of finding a complete solution.

In the past, Conficker could only be tracked by monitoring outbound connections for each computer on a network or by scanning infected machines one by one. Both methods require a lot of resources, and neither was easy.

Kaminsky, Director of Penetration Testing, said:
“The availability of the new Conficker definitions is the result of the sleuthing and quick response of an industry-wide cast of characters. Once I heard that Conficker had code running on the anonymous surface, I said 'Wait, we can fingerprint that and if we can get packets to a box, we can find out fairly reliably whether it's infected with Conficker or not.'”


We really commend our security experts, but don’t underestimate the skills of the opposing side. Let’s see what the evil geniuses at the other end of the world have in mind.

Let’s wait for their next strategy.
