SLAC Computer Security
Search SLAC

Computer Security News You Can Use (at Home too)

Title: BotHunter tracks down zombie PCs on a LAN


Source:  Heise Security

Date Published: 5 November 2008




'....BotHunter listens in to the network traffic and, using various analytical techniques, tries to identify connections from bots to their bot-herder. Among the things it uses for this purpose are lists of known command-and-control servers, the DNS servers involved, and IP addresses belonging to the Russian Business Network. It also tries to identify call flows and correlate them with other data to yield a value for how likely it is that a PC is a bot.


The BotHunter package for Windows and Linux takes only about 10 MB of disk space and is available to download. To test Bothunter without installing it, there is also an ISO image to burn a bootable LiveCD......'


To read the complete article see:

Owner: SLAC Computer Security
Last Updated: 07/22/2010
Feedback: Please send to
Computer Security Feedback