To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Desai, Ashish wrote:
> If you machines go through a http proxy, you can check the proxy logs > for crud. > Hi list, I'm curious how commercial products are doing this today? We went public with the hybrid approach that we use (netflow, IDS, passive scanning, firewall logs, etc [1]). Gadi's DNS anomaly check was a good one that we don't currently use. [1] http://blog.tenablesecurity.com/2006/08/detecting_crowd.html -- John Lampe Senior Security Researcher TENABLE Network Security, Inc. [EMAIL PROTECTED],tenablesecurity.com} Tele: (410) 872-0555 www.tenablesecurity.com Is your network TENABLE? --------------------------------------- _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
