website statistics
Blocking Conficker through ISA Server/TMG - Yuri Diogenes's Blog - Site Home - TechNet Blogs

Yuri Diogenes's Blog

Thoughts from a Senior Content Developer @ Microsoft Data Center, Devices & Enterprise Client – CSI (Enterprise Mobility Team)

Blocking Conficker through ISA Server/TMG

Blocking Conficker through ISA Server/TMG

  • Comments 1
  • Likes

Happy New Year everybody!

I hope you enjoyed your new years eve because now you might want to take a look on this worm that is causing lots of headaches to all IT Admins.  MMPC (Microsoft Malware Protection Center) has a report about this malware and how to proceed to avoid infestation:

http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.B

Good news is that ISA Server and TMG can block outbound requests for this worm and yesterday night (before midnight) our IR (Incident Response) Team in partnership with ISA Server Team brought together an action plan to allow ISA/TMG to block that. Jim Harrison automated this process by creating a script that you can use to create policies to block conficker and you can download from here:

http://jim.isatools.org/tools/block_conficker.vbs

Enjoy your day off and be sure to implement those actions ASAP.

 

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment