Technology news and Jobs 
VIRTUALISATION Conficker may bring commercial web sites to their knees
VIRTUALISATION Conficker may bring commercial web sites to their knees | Conficker may bring commercial web sites to their knees |
|
| by Stephen Withers | |
| Monday, 02 March 2009 | |
|
Page 1 of 2   
Featured Whitepaper
5 Best Practices for Smartphone Support
But what if the server gets taken down, as happened to McColo? One trick is to arrange for the malware to look to a different domain if it is unable to contact its controller for a certain period. If those backup domain names were hardcoded, it would be all too easy to block them, or have them taken down before any harm could be done. So a bright spark came up with the idea of algorithmically-generated domain names. The domains could be registered just in time, and security specialists would be kept on the hop. You could even arrange for the malware to 'phone home' to a different domain each day. And that's what Conficker does. Well, the theory is that this would present a challenge to the anti-malware forces. In practice, security researchers are able to analyse this function as easily as any other. And a coalition of ISPs and other players has been registering the domains Conficker will try to use before the worm's backers can get hold of them. But Sophos has determined that a small number of the 7750 domain names that Conficker will try to use during March correspond to real and active web sites. That's the problem with generating semi-random strings: every now and then you'll get a real word, a set of initials, or a made-up name. Which companies are likely to suffer a Conficker collateral DDoS attack this month? See page 2. |
| < Next story in category | Previous story in the category > |
|---|
