[At-Large] Article on malware preinstalled on PCs
Roberto Gaetano
roberto_gaetano at hotmail.com
Tue Sep 18 20:15:38 UTC 2012
http://cw.com.hk/news/microsoft-new-pcs-preinstalled-malware-found-china?pag
e=0,0
The interesting bit, IMHO, is in the second page where they make reference
to a software by Nominum:
Since the domain also hosts legitimate websites, Microsoft is using DNS
(Domain Name System) software from Nominum that will allow legitimate
traffic to subdomains of 3322.org but halt traffic to the 70,000 hosted
websites that are harmful, a process known as "sinkholing."
It seems to me that it is important that we use tools that can discriminate
between the malicious sub-domains of a domain.
We often have debates about collateral damages in hunting criminal behavior,
maybe this is a step in the right direction.
Cheers,
Roberto
More information about the At-Large
mailing list