February 2009 - Posts

Blocking and finding Conficker and Downadup systems

EDIT 4/27/09: THIS NO LONGER WORKS WITH NEW VARIANTS OF CONFICKER HOWEVER THE CONCEPT IS STILL SOUND IF YOU ARE LOOKING FOR SYSTEMS THAT ARE QUERYING FOR SPECIFIC DNS NAMES.   I’ve already created one post on finding malware systems using eventcomb Read More...

Posted 09 February 09 07:47 by kfalde | 0 Comments   
Filed under Incident Response

Understanding FCS Definitions

A fairly frequent question we get is how do FCS definitions work. How do I find just the delta’s for the month etc. You can always manually download the latest definitions from http://www.microsoft.com/security/portal with the links on the right. This Read More...

Posted 09 February 09 12:31 by kfalde | 0 Comments   
Filed under FCS Definitions

Search

This Blog

• Home
• Email

Tags

• FCS
• FCS ADM
• FCS Database
• FCS Definitions
• FCS Policy
• Forefront Client Security
• Incident Response
• SCE
• Scheduled Scans
• System Center Essentials
• WSUS

Archives

• October 2009 (1)
• July 2009 (1)
• May 2009 (2)
• April 2009 (1)
• March 2009 (2)
• February 2009 (2)
• January 2009 (4)
• November 2008 (2)
• October 2008 (3)
• September 2008 (1)
• August 2008 (2)

Links

• FCS Support Blog
• Johan Blom's Blog FCS MVP
• FCS Product Team Blog
• Yaniv Feldman's Blog

Syndication

• RSS 2.0
• Atom 1.0