Conficker C and friends – Defeating worms with architecture

The first line of technical defense against any computer intrusion is the architecture of the network infrastructure that the computer is connected to. The fact that worms like Conficker are so successful in their metastasis is “in your face” proof of just how insecure today’s IT Infrastructures are.  If they weren’t so insecure then these worms would have a minimal impact.  What’s even more interesting is that worms are “dumb” and people can’t seem to keep them out of their networks, so what are people going to do when hackers come knocking?
In simple terms a worm is little more than a dumb, self replicating, repeating computer program that uses some mechanism (network, usb sticks, etc) to send copies of its self to other computer systems . A worms survival hinges on its ability to communicate with other computer systems and on its ability to gain entry into new uninfected computer systems.  If it can’t do one or the other then it can’t spread and it will eventually die.  If it can do both with relative success then it will likely survive for some time. The more hosts that a worm infects, the more potential […]