Snort mailing list archives

Re: Malware detection with Snort


From: Mayur Patil <ram.nath241089 () gmail com>
Date: Tue, 26 Nov 2013 22:02:57 +0530

Hi Daniel,

Snort comes with predefined rules which detect the "Network Trojan", which might be helpful for dealing with the current malware analysis, IMO. :)

Now, about the forensics approach, as Salvo said.

I would like to suggest a logging technique, i.e. exporting logs to a remote log server using rSyslog, a free log management utility with awesome community support. If your system gets compromised, you will have a track of system activities with you due to the remote log export, and can take countermeasure actions on it, such as tuning Snort or other security areas of your network, which will prove to be a proactive approach.

Keep us posted on your experiments!!

-- 

*Cheers, Mayur*.