A year of WormCatching presented at Virus Bulletin 2002

by Roger Thompson (Icsa),

Tags: Security

URL : http://www.virusbtn.com/conference/vb2002/abstracts/wormcatching.xml

Summary : By the time VB 2002 rolls around, the WormCatcher project will have
been running for a whole year. This paper explains how it works and
examines some of the data collected. It will also look at the
shortcomings and strengths of the idea of an automated reporting
system like this.
Points of interest will include:

How Nimda showed up initially
How CodeRed.b keeps going
When CodeRed.c and .d died out
How Nimda keeps going
Any new worms that show up prior to the conference. At the time of writing this abstract, I am feverishly adding UDP support in anticipation of SNMP worms.
Plans for the future.