[At-Large] Article on malware preinstalled on PCs

Roberto Gaetano roberto_gaetano at hotmail.com
Tue Sep 18 20:15:38 UTC 2012




The interesting bit, IMHO, is in the second page where they make reference
to a software by Nominum:


Since the domain also hosts legitimate websites, Microsoft is using DNS
(Domain Name System) software from Nominum that will allow legitimate
traffic to subdomains of 3322.org but halt traffic to the 70,000 hosted
websites that are harmful, a process known as "sinkholing."


It seems to me that it is important that we use tools that can discriminate
between the malicious sub-domains of a domain.

We often have debates about collateral damages in hunting criminal behavior,
maybe this is a step in the right direction.




More information about the At-Large mailing list