Check out sensorTrends: http://www.packetshack.org/index.php?page=sensorTrends

> Does anyone know of a script that will check the syslog for any external
> connections on known malware ports?
>
> This will help to identify internal hosts that may be infected with
> certain viruses or malware. We have a Cisco PIX
> sending its info to a Linux syslog. I have a list of known malware ports
> and can run a for loop against each line in the
> syslog file. Is there a good site that keeps track of known malware
> ports for download?
>
> Please send me any resources you may know of regarding identification of
> Malware via Syslog searching.
>
> * Gregg Dotoli
> * NADAP
> * (W) (212)-986-1170 ext. 136
> * (C) (973)-896-0452

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
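An added example, not part of the original thread and not sensorTrends code, of the check the question describes: match PIX "Built outbound" syslog lines and flag inside hosts whose destination port is on a watch list. The port list, the sample log lines and the assumed 302013/302015 message layout are constructed for illustration; adjust the regex if your PIX version logs the message differently.

```python
import re
from collections import Counter

# Constructed watch list for illustration; substitute the list you maintain.
WATCH_PORTS = {6667: "IRC", 12345: "NetBus", 31337: "Back Orifice"}

# Assumed layout of PIX messages 302013 (TCP) / 302015 (UDP):
#   Built outbound TCP connection N for outside:IP/port (IP/port)
#   to inside:IP/port (IP/port)
# The first address is the external destination, the second the inside host.
BUILT = re.compile(
    r"%PIX-\d-30201[35]: Built outbound (?P<proto>TCP|UDP) connection \d+ "
    r"for \S+?:(?P<dst>[\d.]+)/(?P<dport>\d+) \([^)]*\) "
    r"to \S+?:(?P<src>[\d.]+)/(?P<sport>\d+)"
)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE = [
    "Jun  8 11:02:01 fw1 %PIX-6-302013: Built outbound TCP connection 4101 for outside:198.51.100.7/6667 (198.51.100.7/6667) to inside:10.0.0.5/1025 (203.0.113.2/1025)",
    "Jun  8 11:02:03 fw1 %PIX-6-302013: Built outbound TCP connection 4102 for outside:198.51.100.20/443 (198.51.100.20/443) to inside:10.0.0.9/12345 (203.0.113.2/12345)",
    "Jun  8 11:02:09 fw1 %PIX-6-302013: Built outbound TCP connection 4103 for outside:198.51.100.7/6667 (198.51.100.7/6667) to inside:10.0.0.5/1026 (203.0.113.2/1026)",
    "Jun  8 11:02:15 fw1 %PIX-6-302015: Built outbound UDP connection 4104 for outside:192.0.2.44/31337 (192.0.2.44/31337) to inside:10.0.0.12/1400 (203.0.113.2/1400)",
    "Jun  8 11:03:00 fw1 %PIX-6-302014: Teardown TCP connection 4101 duration 0:00:59 bytes 812",
]

def find_hits(lines, watch=WATCH_PORTS):
    """Return (inside_host, outside_host, dest_port, proto) for each
    outbound connection whose destination port is on the watch list."""
    hits = []
    for line in lines:
        m = BUILT.search(line)
        # Only the destination port is tested: an inside host that happens
        # to use an ephemeral source port such as 12345 is not a hit.
        if m and int(m["dport"]) in watch:
            hits.append((m["src"], m["dst"], int(m["dport"]), m["proto"]))
    return hits

def summarize(hits):
    """Count hits per inside host so repeat talkers sort first."""
    return Counter(h[0] for h in hits).most_common()

if __name__ == "__main__":
    for host, count in summarize(find_hits(SAMPLE)):
        print(f"{host}\t{count} connection(s) to watched ports")
```

A port match is only a lead for follow-up on the inside host, since legitimate services also use these ports.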
This archive was generated by hypermail 2b30 : Tue Jun 08 2004 - 11:29:49 PDT