IDS mailing list archives
RE: Is there any malicious software web traffic detection tool or research?
From: "Daniel Constantino" <Daniel.Constantino () dealertrack com>
Date: Tue, 17 Jun 2008 08:52:30 -0400
Have you considered using a tool like Labrea; it looks like a great idea to be proactive about security. Personally I haven't used it, but I was considering it. Does anyone have experience using this "Sticky" Honeypot? Regards, Dan Constantino Sr. Information Security Analyst ==================================================================== DISCLAIMER: This e-mail may contain confidential, proprietary information of DealerTrack, Inc. It is intended solely for the named recipient(s) listed above and should be maintained in strictest confidence. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you have received this e-mail in error, please immediately notify the sender and delete this information from your computer and destroy any related paper copies. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of john lokka Sent: Wednesday, June 11, 2008 5:50 PM To: Qianli Zhang Cc: focus-ids () securityfocus com Subject: Re: Is there any malicious software web traffic detection tool or research? Thre are several programs available. I'd take a look at ARGUS and the cisco netflow. There are more and more conference proceedings involving netflow analysis techniques. Many cover worm detection, P2P detection and botnet detection. Google 'netflow analysis' or ' network traffic analysis'. On Mon, Jun 9, 2008 at 9:11 PM, Qianli Zhang <zhang () cernet edu cn> wrote:
Hi all, At present, there are more and more web traffic caused by malicious softwares. For example, some malicious plugin may periodly visit some sites to improve their website's ranking, or some plugins may periodly collect the users usage profile. Is there some tool or research available to detect such activities through web traffic analysis? Thank you! Regards, seacxm ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Is there any malicious software web traffic detection tool or research? Qianli Zhang (Jun 10)
- Re: Is there any malicious software web traffic detection tool or research? john lokka (Jun 12)
- RE: Is there any malicious software web traffic detection tool or research? Daniel Constantino (Jun 17)
- Re: Is there any malicious software web traffic detection tool or research? john lokka (Jun 12)