Location of Repository

Detecting Conficker in your Network

By Adi Kriegisch

Abstract

Conficker[1] is a computer worm spreading on Windows operating system by mainly using a buffer overflow[2] or the Windows Autorun feature. The worm itself does not contain malware functions but contains a routine to load such code after infection. The purpose of this article is to sketch a way to detect such a worm in a small to medium business network as early as possible so that the effects of the worm can be minimized.

Year: 2009
OAI identifier: oai:CiteSeerX.psu:10.1.1.187.7356
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.cert.at/static/conf... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.