Detecting and Containing IRC-Controlled Trojans:When Firewalls,AV Are Not...

Very good and useful reading....

Detecting and Containing IRC-Controlled Trojans: When Firewalls, AV, and IDS Are Not Enough


http://online.securityfocus.com/infocus/1605


Technodrome

 

Techno

much enjoyed the reading..thanks.

snowman

 

My pleasure snowman


Technodrome

 

TECH

I've been giving this issue some thought..(however feeble that may be).........an I just can see the average user of a home computer doing the things needed to monitor this particul type of exploit.....or even having the knowledge to properly do so.......how many even have an idea of what a sniffer is much less how to use one.......an the bottom line is that its the home computer that gets infected and used by the zombie/bot......
so....in your expert opinion...is there a way...to your knowledge....of shuting down outbound traffic on know zombie ports that the average in-experience could use.
.....I am not so sure a rule based firewall would do the trick.....but its been a long while since I've used one...an many have improved. an there is the application firewall...an that just wont do it for this exploit.......your thoughts would be appreciated........
there are msdos programs that shut down ports completely.....would that be in order here?? again..something simple..since many newbes don't even use firewalls until they learn of them.

 

The best and the simplest way to closed outbound traffic on know zombie ports is firewall. Block all ports that you don't use. It helps! Gotta use it!

Utilities such as Zombie Zapper could be handy as well! This tool tells a zombie system flooding packets to stop flooding.

I'd use some Encryption Security program just to make sure!

Why not use firewalls?

Linux has the command thats shuting down all open ports but I don't know if this command exits in windows.

Technodrome

 

TECH

thank you for giving of your time to reply..most appreciated as always.
perhaps what still amases me is that there are still so many people who don't use firewalls....many don't even know what a firewall does or is.....I know people who believe ONLY big companies need firewalls.....whew!
again thanks....always find your replies most informative....and helpful.

snowman

 

I agree with you snowman!

A large number of people don't even use Anti-Virus tool...

But hey, at least they know how to use Kazaa...


Technodrome

 

LOL now thats rich...I lorv that comment LOL


TECH you made my day......LOL