Over the weekend I spent quite a bit of time watching some of the awesome IT security videos that are offered on The Academy Pro web site. I couldn’t believe all the valuable step by step information that this site offers. Believe it or not, I had a goal. I needed to learn more about “Conficker“.
We have already covered how to detect “Conficker” traffic via Scrutinizer’s Flow Analytics application from my buddy Milton’s blog back in March. In the NetworkWorld article titled “Downadup/Conflicker worm: When will the next shoe fall? “, Don Jackson, director of threat intelligence in the counter threat unit at SecureWorks is quoted as saying, “It has the potential to infect about 30% of Windows systems online, a potential 300 to 350 million PCs”. So how can we prevent this from happening?
My goal was to conduct a security audit for such a vulnerability. That is where TheAcademyPro comes in. TheAcademyPro web site was created by Peter Giannoulis, a well know information security consultant and author. Check out this awesome interview with Peter on Hak5. They just started a series on how to conduct vulnerability scans for Conficker:
“Everybody’s had to deal with Conficker over the last little while, but many don’t realize exactly how easy it is to exploit a system using the targeted vulnerability. Let’s begin the week by manually exploiting Conficker vulnerabilities with Core Impact 8 modules.”
Now I have a bit more information and might be able to conduct a security audit soon. I will keep you posted.
Jimmy D the Netflow Detective
For a free 30 day trial of Scrutinizer, Download Now!
Sign up for Advanced NetFlow Training™ coming to a city near you!
Join the NetFlow Developments group on LinkedIn.