Chuck Norris botnet detection plugin
Authors | |
---|---|
Year of publication | 2010 |
MU Faculty or unit | |
Web | Webová stránka s instalačním balíčkem |
Description | Chuck Norris botnet detection plugin for NfSen collector periodically analyses NetFlow data. The plugin provides output of detection methods aimed at botnet behaviour during its lifecycle: port scanning from infected hosts outside the local network, scanning from infected hosts in the local network, communication with the botnet distribution and control servers, and DNS spoofing. |
Related projects: |