SCF Advanced Search



Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43467
  • Total Topics: 16558
  • Online today: 2834
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 1980
Total: 1982









Author Topic: New free tool detects malware on networks (BotHunter)  (Read 6223 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
New free tool detects malware on networks (BotHunter)
« on: 26. November 2008., 08:39:15 »


A new tool is being used within the U.S. government and the Department of Defense to fight malware on their networks.

The free, downloadable malware-detection tool, called BotHunter, was sponsored by the U.S. Army Research Office, and there have been 35,000 downloads so far.

Two hundred fifty instances of malware infection have been detected by those who downloaded the product, Phillip Porras, program director of enterprise and infrastructure security at SRI International, a research and technology organization, and lead developer of the BotHunter project, told SCMagazineUS.com Tuesday.

β€œIt works so well that it has even found infected Mac computers, much to the embarrassment of the Mac owners who, of course, swear that their computers cannot be infected with bots,” Marcus Sachs, director at SANS Internet Storm Center, told SCMagazineUS.com Tuesday in an email.

The tool was developed by SRI International and funded through a Cyber-Threat Analytics research grant from the U.S. Army Research Office.

It reportedly helps Windows, Mac and Linux users detect malware-infected hosts on their networks by tracking interactions that typically occur when a PC is infected with malware, Porras said. The tool will generate an infection profile with all the forensic evidence that was gathered.

The infection profile report will then allow users to determine which machines on the network are acting like they are infected. The tool anonymizes infection profiles and passes them back to SRI, where they go into a repository that is used to help generate new threat intelligence.

BotHunter will not clean up machines. If infected, Porras recommended removing the machine from the network and running various removal tools –  including anti-virus and spyware solutions – to try and clear up infection.

Botnet-infected machines remain a pervasive threat. In September, internet intelligence organization Shadowserver Foundation reported the number of zombie computers quadrupled during a three-month span, coinciding with a rise in SQL injection attacks.

Nearly 200 researchers, law enforcement officers and academics met last month at the International Botnet Task Force gathering in Arlington, Va. The organization was formed by Microsoft in 2004 to share information and investigation case studies.

Download: http://www.bothunter.net/

(SC Magazine)

Samker's Computer Forum - SCforum.info

New free tool detects malware on networks (BotHunter)
« on: 26. November 2008., 08:39:15 »

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
Re: New free tool detects malware on networks (BotHunter)
« Reply #1 on: 19. January 2013., 23:12:55 »
<IN EDIT>

Nice one - Unix (Linux, Mac OS X) only & there is a web front-end?

Will be testing this soon :)

(devnullius)
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker's Computer Forum - SCforum.info

Re: New free tool detects malware on networks (BotHunter)
« Reply #1 on: 19. January 2013., 23:12:55 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023