A new tool allows entire networks to be scanned efficiently for infection.

On 1st April, a worm named Conficker who are already infected millions of machines around the world, it is expected that something bad, but nobody knows exactly what. Some experts fear that an army of infected machines can be ordered for a coordinated attack or send a deluge of spam. But today, a publishing tool could assist in the impact, large enterprises and institutions, to achieve rapid weeds infected machines, networks on all the signs of infection.

Analysis of the worm Conficker has already shown that the computer is infected “phone home” on 1 April on a new set of instructions. It is already possible to see the machines individually, but it is a relatively long process. It is also possible to circumvent the problem by leaving just the communication on a network, but the latest version of Conficker must be silent, to April 1.

Dan Kaminsky, director of penetration testing for Seattle-based Security IOActive companies contributed to the new analysis tool, and said they may be infected in such manner as it relates to the larger network. This makes it quick and easy to remove the worm and does not require access to specific machines. “It’s like driving through a neighborhood search for homes with big signs on their doors,” says Kaminsky.

The tool was Tillmann, Werner Felix leather, members of an independent Honeynet Project, asked Kaminsky, research on Conficker. The couple discovered that the worm changes the way a machine on a network. Kaminsky take on this subject, which indicates that researchers a tool that uses this information to find machines infected. The researchers built a tool and has worked over the weekend, ready for wide dissemination to other providers of security software. “Whoever Vulnerability Scanner with a company, it should be taken over until the end of the day,” says Kaminsky.

via