[Snort-users] virus-tracing with snort?

Steffen Maetzky (extern) Steffen.Maetzky at ...11508...
Fri Apr 23 07:52:10 EDT 2004


Hi,

Someone ask me, if it is possible to use snort to find out on which way
a special virus has come into his net (or how it spreads) and I couldn't
answer this question, exactly.

I think it is possible to "trace" viruses which can be detected by
pattern matching, but how to detect other viruses?

Which possibilities does snort have?
Any known plugins, addons?
Any known open-source-tools which do that job?
Some good documents known?

Regards,

Steffen 









More information about the Snort-users mailing list