Honeypots mailing list archives
RE: any other tool to detect worm?
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 9 May 2004 12:29:50 +1200
Hi, Sorry for late reply. I'd suggest that you check Roger Thompson's WormRadar project, which is an excellent tool to run on your Windows machines (unfortunately, no Linux port yet). This tool will catch unknown samples on several popular ports and you can even add your own ports to it. It reports detected events to a centralized database so you can see what's happening in the world. It's very simple and works out of the box, you will only have to change some things on your Windows boxes if you want to listen on SMB/Netbios ports. You can find WormRadar at http://wormradar.com Cheers, Bojan Zdrnja CISSP
-----Original Message----- From: dcneting [mailto:ansiry () tm net my] Sent: Saturday, 1 May 2004 12:20 p.m. To: focus-virus () securityfocus com; honeypots () securityfocus com Subject: any other tool to detect worm? ________________________________ From: dcneting [mailto:ansiry () tm net my] Sent: Saturday, May 01, 2004 8:18 AM To: 'focus-virus () securityfocus com' Subject: any other tool to detect worm? is there any tools that i can use to just detect worm-like activity besides that using honeyd? if there is, how can i use it to detect worms(known and unknown) preferably open source platform.
Current thread:
- any other tool to detect worm? dcneting (May 01)
- Re: any other tool to detect worm? bugtraq (May 01)
- Re: any other tool to detect worm? James Riden (May 02)
- RE: any other tool to detect worm? Bojan Zdrnja (May 08)
- Re: any other tool to detect worm? Niels Provos (May 08)
- RE: any other tool to detect worm? Dan Hawrylkiw (May 13)
- Final Year Project Ideas Reena Pau (May 13)
- <Possible follow-ups>
- RE: any other tool to detect worm? Taylor, David (May 02)