Honeypots mailing list archives

RE: any other tool to detect worm?

From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 9 May 2004 12:29:50 +1200

Hi,

Sorry for late reply.
I'd suggest that you check Roger Thompson's WormRadar project, which is an
excellent tool to run on your Windows machines (unfortunately, no Linux port
yet).

This tool will catch unknown samples on several popular ports and you can
even add your own ports to it. It reports detected events to a centralized
database so you can see what's happening in the world.

It's very simple and works out of the box, you will only have to change some
things on your Windows boxes if you want to listen on SMB/Netbios ports.

You can find WormRadar at http://wormradar.com

Cheers,

Bojan Zdrnja
CISSP

-----Original Message-----
From: dcneting [mailto:ansiry () tm net my] 
Sent: Saturday, 1 May 2004 12:20 p.m.
To: focus-virus () securityfocus com; honeypots () securityfocus com
Subject: any other tool to detect worm?

________________________________

From: dcneting [mailto:ansiry () tm net my] 
Sent: Saturday, May 01, 2004 8:18 AM
To: 'focus-virus () securityfocus com'
Subject: any other tool to detect worm?

is there any tools that i can use to just detect worm-like 
activity besides
that using honeyd? if there is, how can i use it to detect 
worms(known and
unknown) preferably open source platform.

Current thread:

any other tool to detect worm? dcneting (May 01)
- Re: any other tool to detect worm? bugtraq (May 01)
- Re: any other tool to detect worm? James Riden (May 02)
- RE: any other tool to detect worm? Bojan Zdrnja (May 08)
  - Re: any other tool to detect worm? Niels Provos (May 08)
- RE: any other tool to detect worm? Dan Hawrylkiw (May 13)
  - Final Year Project Ideas Reena Pau (May 13)
- <Possible follow-ups>
- RE: any other tool to detect worm? Taylor, David (May 02)