From SANS ISC:
Readers, SRI International and Georgia Tech have been working on a pretty cool new tool that will quickly locate bot traffic inside a network. A government/military version of this software has been in use successfully for about a month, and a public version was made available this week. BotHunter introduces a new kind of passive network perimeter monitoring scheme, designed to recognize the intrusion and coordination dialog that occurs during a successful malware infection. It employs a novel dialog-based correlation engine (patent pending), which recognizes the communication patterns of malware-infected computers within your network perimeter. BotHunter is available for download at http://www.cyber-ta.org/BotHunter/ and runs under Linux Fedora, SuSE, and Debian distributions.
Tuesday
Detect Botnet traffic using BotHunter
Posted by Security4all at 7.8.07
Labels: anti-malware, botnets