Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday, 1 April 2009

eEye: Conficker Detection Scanner and Patch Identification Utility

Found the following eEye security advisory in my inbox:

In response to Conficker, a breed of self-updating worms that is difficult to avoid, Researchers at eEye Digital Security ( ) have devised a Conficker detection engine that centers on running a network scan to detect hosts compromised or vulnerable to Conficker. In a proactive measure to protect users, starting today, organizations can download from eEye a free utility that is built around the company’s Retina Network Security Scanner that will detect hosts that are compromised with this latest worm and malicious botnet or do not have MS08-067 applied, the most effective propagation technique that Conficker uses.

The Retina Utility from eEye can be downloaded at:

In addition to the detection of the Conficker worm, eEye Digital Security's Blink Endpoint Protection Platform can effectively protect hosts, even if they are not patched, from the propagation of this worm. Using protocol based IPS analyzers, Blink can detect and stop the malicious traffic associated with MS08-067 and block the worm from self propagating. For installations that are already infected, Blink's multi layer antivirus engine will remove the Conficker worm and provide protection until a permanent remediation is performed on the host.

Learn more


No comments: