Anyone still have their Y2K kits lying around? On Mon, Mar 30, 2009 at 10:00 PM, Charles Jones < charles.jones@ciscolearning.org> wrote: > On April 1st the Conficker.C virus (probably the most virulent MSWin > virus to date) is due to "activate". By activate I mean that thusfar it > has been just spreading itself, but once the host time reaches April 1, > it will begin attempting to contact 50,000 randomly generated domain > names per day, looking for a host to download an update from. What this > update will be, nobody knows. It could be anything from new improved > code, to deleting the hard disk, to popping up a picture of a LOLcat and > uninstalling itself. > > Why would linux folks care about a windows virus? Because if you have > any infected windows machines on your network, this virus can cause > excessive traffic as it tries to locate a payload update, not to mention > the network scanning it does in attempts to infect other hosts. > > Here is some information on this nasty bugger: > > http://en.wikipedia.org/wiki/Conficker > > Here you can find a python script and also a version of nmap specially > designed to located infected machines: http://www.doxpara.com/?p=1294 > > Here is an excellent paper on Conficker: > http://www.honeynet.org/papers/conficker/ > Direct link to the PDF: http://www.honeynet.org/files/KYE-Conficker.pdf > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- Thanks and best regards, Ryan Rix TamsPalm - The PalmOS Blog (623)-239-1103 <-- Grand Central, baby! Jasmine Bowden - Class of 2009, Marc Rasmussen - Class of 2008, Erica Sheffey - Class of 2009, Rest in peace.