I'm thinking of keeping our most important machines offline from 0000 UTC this evening for 24 hours to see how this develops.

Frankly, I don't trust much of the published conflicting info on Conficker. I got it on one of my machines and not in the ways they say infection normally occurs.

[isc.sans.org...]

[dshield.org...]

Any reports of shenanigans? Contrary to popular belief, the sky has not fallen out here . . . what about anywhere else?

What a great way to get traffic...

TV was full of reports yesterday saying to test your machine by seeing if you can go to Mcafee, symantec or other antivirus sites.

The press never mentions that web security stocks have done VERY well over the past 12 months. MFE is virtually unchanged while the S&P is off 40%. Hmmm!

According to this article I read this morning, the process has started...

Conficker.c was programmed to establish a link from infected host computers with command-and-control servers at midnight GMT on April 1. To reach these control servers, Conficker.c generates a list of 50,000 domain names and then selects 500 domain names to contact. That process has started, researchers said.

Conficker activation passes quietly, but threat isn't over
[computerworld.com...]

Will the real "Captain Tripps" please stand up! (Flash from the past for those that remember . . . )

Pranksters reference huh?

Jerry Rules! I miss him everyday.

Conficker Begins Stealthy Update
--------------------------------

"Computer security firms watching the malicious program noticed that it sprang into life late on 8 April.

The activity on its update system delivered encrypted software to compromised machines. It is not yet clear what the payload contains."

[news.bbc.co.uk...]