Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Conflicker/NMAP

From: Dexter Caldwell <Dexter.Caldwell () FURMAN EDU>
Date: Tue, 31 Mar 2009 12:09:48 -0400
If you're using Group Policy and you want to suppress an outbreak you
could refer to Microsoft's suggestions at: 

http://support.microsoft.com/kb/962007

Also, if you do need to cleanup you can try Mcafee's new special Conficker
edition of Stinger at:
http://vil.nai.com/vil/averttools.aspx#002
(I'm pretty sure Microsoft's MSRT will do a fair job too as a standalone
tool.  There are obviously others including full sytem scans.

In the end, from the proactive side I implemented those IPS signatures a
long time ago, but my experience has been like everyone else's in that I
haven't seen yet that it's seriously infected us and thus am concerned
about what we might not know despite our methods of inquiry.  

Dexter Caldwell
Information Security Administrator
Computing & Information Services
Furman University
3300 Poinsett Hwy
Greenville, SC 29613
email: dexter.caldwell () furman edu
office: 864-294-3566
facsimile: 864-294.3001
Previous By Date Next
Previous By Thread Next

Current thread: