Due to a lack of information that the oldest probes didn't catch, I am obliged to change the probe technologies and to choose more sensitive probes, to have more possibilities to do research in more detail.

That's why the complete controlled infected LANs located on the Paris Campus were changed to a new version this weekend.

The specifically developed tools didn't change :

Personal development tool : Malicious Applications Probes version 3.0.0.0

Network Sniffer tool : Packet Analyzer 1.0.1

Taxinomy Phenotype Collector : version 2.0.0.1

I developed two new tools for reporting :

Log-Mailer version 0.0.1.1 : This tool sends logs to me by mail, to be implemented automatically in the taxinomy phenotype system

GWLog-Push 0.0.1.2 : This tool sends the gateway logs, which you can read in this blog, to FTP servers in real time

reports-conficker-xxxx.php : developed by JB, the BitDefender technical supervisor, this PHP tool makes the logs human-readable

The global architecture changed :

Geographical Conficker controlled infection on the Paris Campus AntiMalware:

LAN001-dslam-78-velizy : professional 32-bit environment :

Network : 192.168.1.0/24

Gateway (Linux 32-bit) : 192.168.1.30

XP-SP3 Pro : 192.168.1.20

Windows Server 2003 : 192.168.1.10

LAN002-dslam-78-velizy : professional 64-bit environment :

Network : 172.22.0.0/24

Gateway (Linux 64-bit) : 172.22.0.30

Seven Pro 64-bit : 172.22.0.20

Windows Server 2008 64-bit : 172.22.0.10

Geographical Conficker controlled infection on the West of France Campus AntiMalware:

LAN001-dslam-85-vendee : professional 32-bit environment :

Network : 192.168.1.0/24

Gateway (Linux 32-bit) : 192.168.1.15

XP-SP3 Pro : 192.168.1.11

XP-SP2 Pro : 192.168.1.10