Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Botnet Detection
From: Jay Tumas <jay_tumas () HARVARD EDU>
Date: Wed, 22 Aug 2007 20:28:42 -0400

We're using FireEye and some custom snort sigs on our border.

J

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jay Tumas - BSEE, NSA/IAM&IEM
                      ~~~~~~~~~~~~~~~~~~~~
- Network Operations, Security and Incident Response Team Manager
- Longwood Medical Area Technical Subcommittee Chair
- Boston Infragard Members Alliance, Executive Board Member
                      ~~~~~~~~~~~~~~~~~~~~
       Harvard University - UIS/Network Operations Center
                  60 Oxford Street, Suite 132
                      Cambridge, MA. 02138
                      ~~~~~~~~~~~~~~~~~~~~
       Office: 617-496-8500  Mobile Device: 617-733-6169
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"The first method for estimating the intelligence of a ruler is
to look at the men he has around him." - Niccolo Machiavelli



Jones, Jim R wrote:

Does anyone have a utility or method of detecting botnet infections?

This is becoming a serious problem that we have no way of tracking
down at this point in time. Any suggestions are appreciated!

Jim Jones
IT Security Manager
Gonzaga University
509.323.5926



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]