|
Honeypots
mailing list archives
RE: any other tool to detect worm?
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 9 May 2004 12:29:50 +1200
Hi,
Sorry for late reply.
I'd suggest that you check Roger Thompson's WormRadar project, which is an
excellent tool to run on your Windows machines (unfortunately, no Linux port
yet).
This tool will catch unknown samples on several popular ports and you can
even add your own ports to it. It reports detected events to a centralized
database so you can see what's happening in the world.
It's very simple and works out of the box, you will only have to change some
things on your Windows boxes if you want to listen on SMB/Netbios ports.
You can find WormRadar at http://wormradar.com
Cheers,
Bojan Zdrnja
CISSP
-----Original Message-----
From: dcneting [mailto:ansiry () tm net my]
Sent: Saturday, 1 May 2004 12:20 p.m.
To: focus-virus () securityfocus com; honeypots () securityfocus com
Subject: any other tool to detect worm?
________________________________
From: dcneting [mailto:ansiry () tm net my]
Sent: Saturday, May 01, 2004 8:18 AM
To: 'focus-virus () securityfocus com'
Subject: any other tool to detect worm?
is there any tools that i can use to just detect worm-like
activity besides
that using honeyd? if there is, how can i use it to detect
worms(known and
unknown) preferably open source platform.
 By Date 
By Thread
Current thread:
|
Intro
