Coreflood Stops Flooding
(PresseBox) - 11 - Noa Bar-Yosef, Imperva's Senior Security Strategist comments, "A new way to dismantle a botnet: for the first time, US federal prosecutors obtained a court order allowing them to build an alternate C&C server to the Coreflood botnet C&C server. As a result, zombie machines in the Coreflood network are being re-routed to communicate with the server controlled by law enforcement agencies. The "good" server can then issue commands to stop the malware execution on the compromised machines."
In a rather thoughtful move, this server is also logging IPs of the machines communicating with it - i.e. the victims. Agencies can then work with the ISPs so that they can accordingly inform the victims. What this means is to have ISPs actually inform the victim, provide information on the removal of malware and increase security awareness.
This is the correct move. ISPs should not play cop - by removing suspected infected machines from the internet. Rather, they should know how to deal with infected machines and provide them with the tools to deal with threats.
For more on the Coreflood Stops Flooding story visit: http://www.theregister.co.uk/2011/04/13/coreflood_botnet_takedown/
For more on Imperva visit www.imperva.com
Datum: 14.04.2011 - 16:27 Uhr
Sprache: Deutsch
News-ID 29288
Anzahl Zeichen: 0
contact information:
Town:
Redwood Shores
Kategorie:
Hazadous Materials Management
Diese Pressemitteilung wurde bisher 262 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Coreflood Stops Flooding"
steht unter der journalistisch-redaktionellen Verantwortung von
Imperva Inc. (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
