View Single Post
  #1   (View Single Post)  
Old 14th April 2011
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,507
Default Friendly takeover: FBI controls bot PCs


On Tuesday evening, the FBI shut down the Coreflood botnet but also took a step that will probably cause a lot of discussion among security experts. The US authorities are temporarily accessing victims' computers to remove the contaminant from the systems. If a computer infected with the bot tries to contact a command-and-control server, it lands on a server controlled by the FBI, which sends out a kill command. The malicious software is then disabled until the system reboots.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote