BotHunter

[Vinod Yegneswaran <yegnev () yahoo com>]

Hi All:

  I am happy to announce that SRI has released a
dialog-correlation engine for Snort based bot
detection.   We are also sharing some data from our
malware analysis honeynet.  

More details can be found below. We look forward to
any comments!

http://www.cyber-ta.org/BotHunter/

cheers
vinod




BotHunter - Free Internet Distribution Package Now
Available (31 July 2007) SRI International and
Georgia-Tech Institute (under the Cyber-TA research
project) are pleased to announce the first FREE
Internet distribution of BotHunter, version 0.9.3.   
BotHunter introduces a new kind of passive network
perimeter monitoring scheme,  designed to recognize
the intrusion and coordination dialog that occurs
during a successful malware infection.  It employs a
novel dialog-based correlation engine (patent
pending), which recognizes the  communication patterns
of malware-infected computers within your network
perimeter. BotHunter is available for download at
http://www.cyber-ta.org/BotHunter/ and runs under
Linux Fedora, SuSE, and Debian distributions.  





       
____________________________________________________________________________________Ready for the edge of your seat? 
Check out tonight's top picks on Yahoo! TV. 
http://tv.yahoo.com/