IDS mailing list archives

Re: RE: About detecting bots....


From: saintarmin () hotmail com
Date: 24 Feb 2009 22:09:38 -0000

Hi everybody

Thanks so much for your reply on this post.

Well, let's see...

I prefer to work with open source tools, because I really like doing research and trying to create or upgrade tools.

I use rules from Emerging Threats on my Snort sensors...
I also use honeypots and darknets to try to find other bots on my network.

In a past post some guy suggested using BotHunter, and last month I implemented it on two sensors, but as of today 
BotHunter can't create a profile of any bot; I mean, BotHunter doesn't find any bot on my network :s For me it doesn't work very well.

For example, I also use Argus to find more bots (you can check this link, it's very interesting: 
http://www.rawpacket.org/papers/geek00ls-junk )

And my objective with this post was to learn about other tools that help in the task of finding botnets.

I know this field is very new, but maybe someone uses "x" technique on their network and could show us, so we can attempt to use it on 
our networks.


Mac Rosel, thanks for your tip :D.

Thanks, everybody, for replying to this post, and if you have some material to contribute, please show us...

P.S.

Kyle Rosenthal, I can't see your link.


