Like flypaper for malware..



The diary over at the SANS Institute mentioned an interesting program today. Nepenthes is a program that can simulate a vulnerability so that it can collect samples of malware trying to exploit that vulnerability.


It “simulates” a vulnerable system in the sense that, on the network, it responds to network requests the way a vulnerable computer would; then, when the virus transmits itself, it copies and archives the bad bug. The Nepenthes server then scans and submits the file to ClamAV so that the antivirus program can improve its detection database.

It would seem that something like this might be worth running on a large network. Say you have a network of 100 PCs: this could give you an idea of when an outbreak begins and where it originates. It’s an interesting idea.
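
As an added example (not from the original post and not Nepenthes' own code), here is a sketch of how captures from such a sensor could show when an outbreak began and where it came from. The record layout, addresses, timestamps and payloads are constructed for illustration and are not Nepenthes' log format.

```python
import hashlib
from collections import defaultdict
from datetime import datetime

# Constructed capture records: (timestamp, source IP, captured payload bytes).
# This layout is an assumption for illustration, not Nepenthes' log format.
CAPTURES = [
    ("2006-05-01T09:14:02", "10.0.0.37", b"MZ\x90sample-worm-A"),
    ("2006-05-01T09:14:40", "10.0.0.52", b"MZ\x90sample-worm-A"),
    ("2006-05-01T09:13:11", "10.0.0.21", b"MZ\x90sample-worm-A"),
    ("2006-05-01T11:02:00", "10.0.0.21", b"MZ\x90sample-worm-B"),
    ("2006-05-01T09:15:05", "10.0.0.37", b"MZ\x90sample-worm-A"),
]


def sample_id(payload):
    """Identify a captured sample by the SHA-256 of its bytes."""
    return hashlib.sha256(payload).hexdigest()


def outbreak_timeline(captures):
    """Group captures by sample and report when and where each first appeared."""
    by_sample = defaultdict(list)
    for ts, src, payload in captures:
        by_sample[sample_id(payload)].append((datetime.fromisoformat(ts), src))

    report = {}
    for digest, hits in by_sample.items():
        hits.sort()  # records may arrive out of order; sort by capture time
        first_seen = {}
        for when, src in hits:
            first_seen.setdefault(src, when)  # keep each host's earliest capture
        report[digest] = {
            "first_seen": hits[0][0],    # when the outbreak was first observed
            "origin": hits[0][1],        # earliest host seen sending the sample
            "spread": list(first_seen),  # hosts in order of first appearance
            "attempts": len(hits),
        }
    return report


if __name__ == "__main__":
    for digest, info in outbreak_timeline(CAPTURES).items():
        print(digest[:12], info["first_seen"].isoformat(), info["origin"],
              "->", ", ".join(info["spread"]), f"({info['attempts']} captures)")
```

The earliest source per sample is only the first host the sensor saw, so a host that infected others before touching the sensor would not appear as the origin.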
