IDS mailing list archives
RE: About detecting bots....
From: "Chris Brown" <chris () get-tuf com>
Date: Mon, 23 Feb 2009 17:03:47 -0000
I use the Netwitness NextGen platform (www.netwitness.com); this provides full packet capture for forensic analysis and incident response. Excellent for detecting botnets and encrypted C&C channels, especially when combined with a threat feed.

Regards
Chris

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of saintarmin () hotmail com
Sent: 23 February 2009 16:13
To: focus-ids () securityfocus com
Subject: About detecting bots....

Hi

I would very much like to ask your opinion this way... At the moment, I'm very interested in how you can detect bots on your network.

Last month I implemented Bothunter on my network (you can see http://www.bothunter.net), but for me it still doesn't work very well. This tool has not found any bots in my network, and doing an analysis using NSM I found some of them.

Do you use any techniques, tools, or anything else to find bots in your network? I know this is a very new field of research, but maybe you know about something that can help detect this kind of malware.

Thanks for all.

Regards
Armin Garcia