So i figured I would jump on this whole conficker bandwagon thing. Why not? Everyone else is freaking out about it why not me? The IT Ninjas are are busy sharpening their shuriken and katana in preparation for conficker but do they really need to? Adrian Kingsley-Hughes thinks folks may be over hyping the threat of conficker here: http://blogs.zdnet.com/hardware/?p=4053.
Of course you never want to take things for granted. “If you’re running a fully patched system, then you’ve got little to be worried about. If you’re running an antivirus program, then you’ve got a second line of defense. If you’re worried, run a scan with a detection tool (links below). Better to be safe than sorry. Conficker can spread via network shares, leveraging weak passwords, so if you can’t trust the systems you’re connected to, and you know you’re using weak passwords, then your risk of being infected is elevated. Also, Conficker can spread via removable drives by taking advantage of Windows autoplay.”
Tripwire Enterprise would be another sharp pointy weapon in the IT Ninja utility belt. Detection of change would be a key component in the defense of your network. And why not be more proactive? Use the Configuration Assessment capabilities to test your security settings to validate what you hope is true…(hope is not a strategy by the way and trust is not a control)…are your password settings correct?
You have one day left…batten down the hatches…will this be a Slammer scale storm or a tempest in a teacup?
Follow my tweets… http://twitter.com/theorrminator.