Honeypots: Re: any other tool to detect worm?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

Re: any other tool to detect worm?

From: Niels Provos <provos () citi umich edu>
Date: Sat, 8 May 2004 21:37:34 -0400

On Sun, May 09, 2004 at 12:29:50PM +1200, Bojan Zdrnja wrote:

This tool will catch unknown samples on several popular ports and you can
even add your own ports to it. It reports detected events to a centralized
database so you can see what's happening in the world.


Honeyd is currently in an experimental phase for centralized data
collection, you can see an examle of it's data collection which
right now does not show any worm correlation at

  http://www.honeyd.org/live.php

One of the interesting aspects is the display of current spammers.

In one of the next released of Honeyd, Honeyd can be used to collect
all this data and send it to analysis machines.  The analysis will
include worm detection.

Niels.

By Date By Thread

Current thread:

any other tool to detect worm? dcneting (May 01)
- Re: any other tool to detect worm? bugtraq (May 01)
- Re: any other tool to detect worm? James Riden (May 02)
- RE: any other tool to detect worm? Bojan Zdrnja (May 08)
  - Re: any other tool to detect worm? Niels Provos (May 08)
- RE: any other tool to detect worm? Dan Hawrylkiw (May 13)
  - Final Year Project Ideas Reena Pau (May 13)
- <Possible follow-ups>
- RE: any other tool to detect worm? Taylor, David (May 02)