To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------



How are you utilizing Netflow in this scenario? Simply checking for
port connections?

Mick

Georg Wicherski wrote:
There are basically two basic ways to find botnets:

- obtaining a sample (mwcollect Alliance <- nepenthes)
  x sandboxing it
  x disassembling it

- netflow analysis
  x dns queries
  x snort rules


Georg

Tony Cawte wrote:
  
In order to facilitate tracking/reporting on this activity what are the
popular methods utilised?

I have read all there is to read on Honeynet and would assume these practices
are the ones adopted in general?

Does anyone simply use ntop for example?

Interested in your thoughts.

T
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets


    