View Full Version : virus detection via the network
Is there a way that network administrators can tell if there is a virus going through the network? I heard about all these new viruses and malware attacking other machines on the same network. Is there a tool or signature detection for finding this?
12-25-2011, 10:30 PM
Yes and no. The activity on the network is fairly low. They don't use a lot of bandwidth to spread themselves. However, once infected, they may report back to a botnet master. Infected machines can be used as part of a DDoS attack or relay of spam.
There are tools out there like SNORT that will detect some thing against signatures of know malicious code. It's a little intiuitive to setup because it requires using a tap or mirroring ports to scan entire vlans or networks. I don't know of anyone that has it running 24/7.
Powered by vBulletin® Version 4.1.7 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.