Like flypaper for malware..



The diary over at the SANS Institute mentioned an interesting program today. Nepenthes is a program that can simulate a vulnerability so that it can collect samples of malware trying to exploit that vulnerability.


They “simulate” a vulnerable system in the sense that on the network it responds to network requests the way a vulnerable computer would and then when the virus transmit it copies and archives the bad bug. The Nepenthes server then scans and submits the file to clamav so that the antivirus program can improve its detection database.

It would seem that something like this might be worth running on a large network. Let’s say you have a network of 100 pcs, this could give you an idea of when an outbreak begins and where it originates. It’s an interesting idea.

Related Posts

Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 14 - Alternative software There are ways that risks can be avoided. Recently, there was what was called a zero-day exploit for Internet Explorer. As I write this, the exploit surfaced 3 weeks ago and tomorrow there will be a patch. The vulnerability would allow remote code execution through a vulnerability in the way......
  • Network Security guide for the home or small business network - Part 5 - Update your software Okay - so after the last article you've inventoried what software you use on a PC and you know what services (server's) the pc runs that you've told it to. You even know what passes as "normal" startup programs. Now it's time to put that to use. It's time to......
  • iScsi and AoE with linux A few days ago I had reason to investigate iscsi and AoE (ata over ethernet). Both are protocols for sharing a physical drive over the network at the block level. Let me put it in context first. Traditional network file shares have been done like this.... Computer A has a......
Blog Traffic Exchange Related Websites
  • How to use Debt to Improve Your Credit Many of us have the wrong idea when it comes to debt. After years of being told that it is a bad thing and should be avoided, most of us never want to get into the problem of having to deal with debt. Millions more are in over their heads......
  • Feb Edition of Hackin9 - Network Security Another exciting edition of Hackin9 is out and you can download it here.  Information about this edition is located below: ·  Wuala – Secure Online Storage There are a lot of online storage/backup solutions available nowadays and it is hard to find differences between them, but I think Wuala from......
  • FAQ about computer security Q: The virus blocked the registry access and how to get rid of it?A: You can deal with like this: 1. Click on Start -> Run (or Start Search in Windows Vista). 2. Enter GPEdit.msc and then press Enter. 3. Navigate to the following location: User Configuration -> Administrative Templates......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site