
Microsoft: No Botnet Is Indestructible

CWmike writes "No botnet is invulnerable, a Microsoft lawyer involved with the Rustock take-down said Tuesday, countering claims that another botnet was 'practically indestructible.' Richard Boscovich, a senior attorney with Microsoft's Digital Crime Unit, said, 'If someone says that a botnet is indestructible, they are not being very creative legally or technically. Nothing is impossible. That's a pretty high standard.' Instrumental in the effort that led to the seizure of Rustock's command-and-control servers in March, Boscovich said Microsoft's experience in take-downs of Waledac in early 2010 and of Coreflood and Rustock this year shows that any botnet can be exterminated. 'To say that it can't be done underestimates the ability of the good guys,' Boscovich said. 'People seem to be saying that the bad guys are smarter, better. But the answer to that is 'no.''"
  • by NSN A392-99-964-5927 ( 1559367 ) on Friday July 08, 2011 @03:48AM (#36691802) Homepage

    Let me start by saying every time you boot your system on Windows 7, data is sent to Microsoft to check whether you are online and for internet connectivity.

    Now, although you probably never gave it a second thought, NCSI is an active tool used by Microsoft to lead Boscovich to these comments.

    I am not sure if this has been posted on /. before; however, this URL http://blog.superuser.com/2011/05/16/windows-7-network-awareness [superuser.com] maybe makes Boscovich feel all warm and fuzzy inside, as they can do more with NCSI and cut out botnets. This can be defeated as in the URL above.

    Whilst I am on a roll, http://www.microsoft.com/industry/government/solutions/cofee/default.aspx [microsoft.com] is nothing special; the commands in COFEE, with some extra switches, are:

    arp.exe -a
    at.exe
    autorunsc.exe
    getmac.exe
    handle.exe -a
    hostname.exe
    ipconfig.exe /all
    msinfo32.exe /report %OUTFILE%
    nbtstat.exe -n
    nbtstat.exe -A 127.0.0.1
    nbtstat.exe -S
    nbtstat.exe -c
    net.exe share
    net.exe use
    net.exe file
    net.exe user
    net.exe accounts
    net.exe view
    net.exe start
    net.exe Session
    net.exe localgroup administrators /domain
    net.exe localgroup
    net.exe localgroup administrators
    net.exe group
    netdom.exe query DC
    netstat.exe -ao
    netstat.exe -no
    openfiles.exe /query/v
    psfile.exe
    pslist.exe
    pslist.exe -t
    psloggedon.exe
    psservice.exe
    pstat.exe
    psuptime.exe
    quser.exe
    route.exe print
    sc.exe query
    sc.exe queryex
    sclist.exe
    showgrps.exe
    srvcheck \\127.0.0.1
    tasklist.exe /svc
    whoami.exe

    Awww how 31337 M$

  • Comment removed (Score:3, Informative)

    by account_deleted ( 4530225 ) on Friday July 08, 2011 @04:44AM (#36692002)
    Comment removed based on user account deletion
