http://www.bothunter.net/
not sure about this they say US goverment uses this but better be safe when checking it.

fascinating (http://www.bothunter.net/doc/bothunter.html)



how would you deploy this?

on a server?

From looks of it detects malware/virus action on your network from a server would be a great tool for detecting stuff in a business with a lot of computers.

There is another one called Snort it is part of this package.

http://www.snort.org/

Some people will believe anything, just because it says so on the net.

Used to be that way once with the newspapers.

Tested bothunter on VM it works it gives ip of the machine that is infected the websites its connecting to and more.

Would only be useful in an environment with a lot of pc's you can tell what machine in infected does not do any cleaning also tracks mailbots, zombiebots and more uses packet sniffing picks up malware/bot activity and records it.

Tested bothunter on VM it works it gives ip of the machine that is infected the websites its connecting to and more.

Would only be useful in an environment with a lot of pc's you can tell what machine in infected does not do any cleaning also tracks mailbots, zombiebots and more uses packet sniffing picks up malware/bot activity and records it.

There have been times that I would have loved that tool. Reading through all the data from Snort is just a pain! Doable, but a pain none the less.

I'm going to test those programs for my home base Client/Server network.