From: InfoSec News (alertsinfosecnews.org)
Date: Thu Nov 27 2008 - 01:45:43 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.informationweek.com/news/security/government/showArticle.jhtml?articleID=212200774

By Thomas Claburn
InformationWeek
November 26, 2008

Most people whose computers have been turned into bots and linked to a
botnet have no idea that their machines have been commandeered by
cybercriminals. Their PCs send spam, steal information, and participate
in denial-of-service attacks without any obvious sign.

But new software, funded by a grant from the U.S. Army Research Office
and developed by SRI International, promises to provide users with more
insight into what their computers are doing.

BotHunter, announced on Monday, is a free malware-detection application
for Mac OS X, Linux/Unix, and Windows that monitors network activity.
Unlike intrusion detection system (IDS) tools that scan only incoming
data, BotHunter looks for patterns that indicate malware activity in
both incoming and outgoing data.

"We do a lot of inbound egress monitoring," said Phillip Porras, SRI
program director of enterprise and infrastructure security and lead
developer of the BotHunter project. "BotHunter really flips that
paradigm around."

[...]

_______________________________________________
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]