“I am currently working with a large corporate customer in South Africa to track down the source of Conficker internet infection attempts. We are heavily using Webspy for this. I start off with the Alert from the ISP then work back through our Forefront TMG logs to narrow down the pool of potential machines. Once i get down to a managable amount of potential machines i export the IP list from WebSpy and plug it into nMap. We then scan the potential machines and normally we get a hit for a Conficker infected machine. Without WebSpy we would literally be poking around in the dark…”
— Etienne Liebetrau

Schreibe einen Kommentar