Is there a way that network administrators can tell if there is a virus going through the network? I heard about all these new viruses and malware attacking other machines on the same network. Is there a tool or signature detection for finding this?
Thread: virus detection via the network
Results 1 to 2 of 2
-
virus detection via the networkJunior Member
- Join Date
- Nov 2011
- Location
- Knoxville, TN
- Posts
- 5
12-24-2011 04:38 PM
-
Site Admin
- Join Date
- Oct 2011
- Location
- Orlando, FL
- Posts
- 77
12-25-2011 10:30 PMYes and no. The activity on the network is fairly low. They don't use a lot of bandwidth to spread themselves. However, once infected, they may report back to a botnet master. Infected machines can be used as part of a DDoS attack or relay of spam.
There are tools out there like SNORT that will detect some thing against signatures of know malicious code. It's a little intiuitive to setup because it requires using a tap or mirroring ports to scan entire vlans or networks. I don't know of anyone that has it running 24/7.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts