Date: 01 April 2009
References: AL-2009.0021 AU-2009.0013
This post will be updated throughout the day to show what Conficker activity (if any) AusCERT and others are seeing as the worm kicks off its update routine.
10:00 AM
It's been confirmed that Conficker-infected machines have begun doing DNS lookups for the generated list of domains. F-Secure has an example traffic capture on their weblog showing the requests being sent out.
News from other sources indicates that infected machines make a new DNS request to one of the domains on the generated list roughly every 8-10 seconds, a fairly low volume of requests.
1:00 PM
All still quiet on the western front. Infected hosts are continuing to request domains from the generated list, but no one has yet reported a successful download of a secondary component.
The network impact of the requests seems negligible, which may be due to the fairly small number of infected machines apparently present in Australia.
4:30 PM
And coming up to the end of the day and... still nothing. This is not overly surprising, but nor is it the end of the story. There are still plenty of Conficker-infected machines that will make hundreds of requests a day, and one day they very well may find what they are looking for. That day will be interesting.
The F-Secure weblog has also been updated, indicating that they too have yet to see any further activity.
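The lookup pattern reported in the 10:00 AM update (a new name from the generated list roughly every 8-10 seconds) can be hunted for in resolver logs. The following is an added example, not AusCERT's or F-Secure's code; the `epoch client qname` log format, the thresholds and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

def parse(lines):
    """Yield (timestamp, client, qname) from 'epoch client qname' lines (assumed format)."""
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        try:
            yield float(parts[0]), parts[1], parts[2].lower().rstrip(".")
        except ValueError:
            continue

def beaconing_clients(lines, lo=8.0, hi=10.0, min_names=6, min_ratio=0.8):
    """Flag clients whose first-time lookups of distinct names arrive lo..hi seconds apart."""
    per_client = defaultdict(list)
    for ts, client, qname in parse(lines):
        per_client[client].append((ts, qname))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        seen, firsts = set(), []
        for ts, qname in events:  # a generated list is walked, so ignore repeat lookups
            if qname not in seen:
                seen.add(qname)
                firsts.append(ts)
        if len(firsts) < min_names:
            continue
        gaps = [b - a for a, b in zip(firsts, firsts[1:])]
        in_band = sum(lo <= g <= hi for g in gaps) / len(gaps)
        if in_band >= min_ratio:
            flagged[client] = {"distinct": len(firsts),
                               "median_gap": median(gaps), "in_band": in_band}
    return flagged

def sample_log():
    """Constructed sample: one host on an 8-10 s cadence, one browsing normally."""
    lines, t = [], 1238544000  # 2009-04-01 00:00:00 UTC
    for i, gap in enumerate([0, 9, 8, 10, 9, 8, 9, 10]):
        t += gap
        lines.append(f"{t} 10.0.0.5 name{i}.example")
    browsing = [(3, "www.example.org"), (4, "cdn.example.org"), (50, "mail.example.org"),
                (51, "www.example.org"), (300, "news.example.net"),
                (302, "img.example.net"), (900, "www.example.com")]
    lines += [f"{1238544000 + off} 10.0.0.9 {q}" for off, q in browsing]
    return lines + ["garbage line"]

if __name__ == "__main__":
    for client, stats in beaconing_clients(sample_log()).items():
        print(client, stats)
```

Because the cadence is only reported as "roughly" 8-10 seconds, widen `lo` and `hi` when running this against real resolver logs and treat a hit as a lead to investigate rather than a confirmed infection.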