HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 42 guests and 1 member online
 
Advertisement

You are here: Home arrow Resourcesarrow Toolsarrow Bothunter - opensource network malware scanner liveCD
EH-Net
May 25, 2013, 05:46:34 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Bothunter - opensource network malware scanner liveCD  (Read 6387 times)
0 Members and 1 Guest are viewing this topic.
Jhaddix
Sr. Member
****
Offline Offline

Posts: 317



View Profile WWW
« on: February 17, 2009, 12:35:09 AM »
I saw this a few months ago on the midnight blogs, but i forgot to post about it. They have made a live cd to correlate traffic patterns of malware on a network. They then report on it by severity, event log pointers, and names of infections. Time to stop procrastinating and check it out Wink

http://www.bothunter.net

Quote
What is BotHunter

BotHunter is a passive network monitoring tool designed to recognize the communication patterns of malware-infected computers within your network perimeter.  Using an advanced infection-dialog-based event correlation engine (patent pending), BotHunter represents the most in-depth network-based malware infection diagnosis system available today.
Logged
GSEC, GPEN, GWAPT, ECPPT, WAHHlive, LSOAdvancedPenTester

http://www.securityaegis.com
http://www.pentesterscripting.com
http://code.google.com/p/pentest-bookmarks/
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #1 on: February 17, 2009, 11:30:16 AM »
Jhaddix,

I've had this tool on my to-do list for a while, have you had much experience with using tool? Specifically is it worth investigating further or should I take it off my list?
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.052 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.