Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Conficker.B/Downadup.B/Kido: F-Secure publishes details pertaining to their counting methodology of compromised machines

Some of our readers have pointed out that more media attention is being given to the rather alarming and large number of compromised machines that have been tallied by F-Secure in their "Weblog:  News from the Lab" site.

For example CNN have picked up on the story here:


If you now turn your attention to the latest entry on the F-Secure website, you will now be able to read about their finer details of how they are producing their tally:


In summary it is a combination of the "q=" value from the GET call, - combined with an assessment of unique IP addresses being tracked over time, that yeilds their final tally.  I would encourage you to read their fine details as per the link above.

G.N. White

Handler on Duty (Happy Friday!)


G. N.

23 Posts
Jan 16th 2009

Sign Up for Free or Log In to start participating in the conversation!