Dan Kaminsky, who along with other safety experts, revealed a serious vulnerability of the DNS infrastructure last year, today reported on finding a procedure, which allows identifying Conficker worm-infected computer even from afar. Conficker, according to experts’ findings, changes the implementation of Windows Server providing files and printers’ sharing services. It is possible to detect changes by communication with a PC so it can be unambiguously spotted whether the PC is infected with Conficker worm or not.
However, a scanner in Python language is already available, seeking all worm-infected PCs in the scope of provided IP addresses. It is of course only possible to scan those IP addresses, to which the scanner can send packets to port 445. Scanner can be downloaded from the Kaminski site. It shall also be installed into standard scanning tools of nmap, ncircle, Nessus, Foundstone and Qualys within the coming days.
hi
ReplyDeletethanks for useful inormation.this is very helpful for all computer user's.
Best Pc Security