RE: any other tool to detect worm?

Hi,

Sorry for late reply.
I'd suggest that you check Roger Thompson's WormRadar project, which is an
excellent tool to run on your Windows machines (unfortunately, no Linux port
yet).

This tool will catch unknown samples on several popular ports and you can
even add your own ports to it. It reports detected events to a centralized
database so you can see what's happening in the world.

It's very simple and works out of the box, you will only have to change some
things on your Windows boxes if you want to listen on SMB/Netbios ports.

You can find WormRadar at http://wormradar.com

Cheers,

Bojan Zdrnja
CISSP

> -----Original Message-----
> From: dcneting [mailto:ansiry_at_tm.net.my]
> Sent: Saturday, 1 May 2004 12:20 p.m.
> To: focus-virus_at_securityfocus.com; honeypots_at_securityfocus.com
> Subject: any other tool to detect worm?
>
>
>
> ________________________________
>
> From: dcneting [mailto:ansiry_at_tm.net.my]
> Sent: Saturday, May 01, 2004 8:18 AM
> To: 'focus-virus_at_securityfocus.com'
> Subject: any other tool to detect worm?
>
>
> is there any tools that i can use to just detect worm-like
> activity besides
> that using honeyd? if there is, how can i use it to detect
> worms(known and
> unknown) preferably open source platform.
>
>
Received on Sat May 08 2004 - 20:50:10 PDT