India Broadband Forum

cool_techie_tvm · 02-07-09, 11:39 PM

One of the worms which has been doing rounds since Jan 17th 2009 and which has already infected more than 9 million PCs worldwide will be fought upon by prominent DNS service provider OpenDNS. Starting this Monday OpenDNS with the help of leading Antivirus software provider Kaspersky will block the requests send outward by an infected PC. The worm will connect to a command center after infecting the PC and if the outward requests are blocked in the DNS level OpenDNS will atleast slow down the spreading of the worm.

02-08-09, 10:27 PM

whats the name of this worm? how is it affecting the pcs? what are the threats associated with it? how is it spread?

cool_techie_tvm · 02-08-09, 11:04 PM

Quote:

The rampaging Conficker worm (aka Downadup) has managed to infect millions of PCs across the globe, but it has an Achilles heel. One that a company called OpenDNS plans to strike starting Monday.

Many types of malicious software like Conficker have to connect to a command center to receive orders, which in the case of Conficker might be to download additional software like a keylogger or data-stealing Trojan. Without those orders, the malware just sits there.

Conficker uses an algorithm to create a list of 250 domain names each day that it will check for commands, according to David Ulevitch, CEO of OpenDNS. So its creators can register any of those 250 domains for any given day and be able to issue orders to the millions of worms.

Antivirus companies like F-Secure and Kaspersky have cracked that algorithm and can predict which domains Conficker will attempt to contact on any given day, and F-Secure has previously offered that predictive list to network administrators who could use it to block computers in their network from connecting to any of those domains.

Come Monday, OpenDNS will use a similar approach to block any computer or network that uses the company for its domain name system (DNS) service, which translates the human-friendly names like pcworld.com into the IP addresses used by machines, from getting a DNS record for a Conficker domain. Using a list from Kaspersky, OpenDNS will refrain from sending a requested domain-name-to-IP-address translation for any such domain, effectively neutering the worm by blocking it from reaching a command center.

Those who have signed up for a free OpenDNS account will receive a warning e-mail that a computer within their home or business network is likely infected with Conficker if OpenDNS blocks a connection attempt, says Ulevitch. But you can also use the service without signing up for an account, which will still block the connection attempt without sending a warning e-mail. Account holders will also be able to check the service dashboard for a warning.

This is a good, layered defefnse approach that can be of particular use for small businesses or home networks who aren't able to use blocklists themselves. If you're at all concerned that you might have computers in your home or business network infected with Conficker, it's quick and easy to begin using OpenDNS. The company says it plans to expand the approach in the future.

Free Defense Against the Conficker Worm - PC World

02-09-09, 01:05 AM

thanks for all the info

itsmemad · 02-09-09, 01:32 AM

Rep added!

cool_techie_tvm · 02-09-09, 09:48 AM

Quote:

Originally Posted by itsmemad

Rep added!

Thanks mate

jrkraj · 03-27-09, 12:23 PM

thanks for d info.

03-30-09, 05:36 PM

Informative

02-07-09, 11:39 PM	#1
cool_techie_tvm Amor vincit omnia Join Date: Dec 2007 Posts: 2,682 Blog Entries: 4 Rep Power: 4	OpenDNS & Kaspersky Volunteers to fight against Conficker Worm One of the worms which has been doing rounds since Jan 17th 2009 and which has already infected more than 9 million PCs worldwide will be fought upon by prominent DNS service provider OpenDNS. Starting this Monday OpenDNS with the help of leading Antivirus software provider Kaspersky will block the requests send outward by an infected PC. The worm will connect to a command center after infecting the PC and if the outward requests are blocked in the DNS level OpenDNS will atleast slow down the spreading of the worm.

03-27-09, 12:23 PM	#7
jrkraj Junior Member Join Date: Feb 2007 Posts: 9 Rep Power: 3	thanks thanks for d info.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
And then the fight started ...	just4kix	Jokes and humor	14	02-03-09 11:17 PM
Help with OpenDNS	The One	BSNL broadband	4	12-23-08 11:23 PM
Fight of Depression ![1 image]	ShAdOwCoN	General offtopic discussions	15	10-25-08 01:33 PM
Fight Against Terror...	Rameshjeee	General offtopic discussions	3	10-06-08 03:14 PM
Sixem-A worm spreading through World Cup related mail messages	Admin	Software News, Previews and Reviews	0	06-25-06 06:19 PM

02-08-09, 10:27 PM	#2
saurav_k Guest Posts: n/a	whats the name of this worm? how is it affecting the pcs? what are the threats associated with it? how is it spread?

02-09-09, 01:05 AM	#4
saurav_k Guest Posts: n/a	thanks for all the info

02-09-09, 01:32 AM	#5
itsmemad Alligator Join Date: Sep 2008 Location: Pleasure drome Posts: 3,514 Rep Power: 10	Rep added!

India Broadband Forum

OpenDNS & Kaspersky Volunteers to fight against Conficker Worm

OpenDNS & Kaspersky Volunteers to fight against Conficker Worm

Similar Threads