Slashdot Mirror


Prototype Software Sniffs Out, Disrupts Botnets

coondoggie writes "Earlier this week researchers unveiled a system to identify and eradicate botnets in the wild. While currently only a prototype, Georgia Tech's BotSniffer would use network-based anomaly detection to identify botnet command and control channels in a LAN. The system wouldn't require any prior knowledge of signatures or server addresses. 'The researchers said their prototype, which was presented at the Internet Society's Network and Distributed System Security Symposium this week, is based on the fact that botnets engage in coordinated communication, propagation, and attack and fraudulent activities.'"

2 of 51 comments

  1. Prior art ... by tomhudson · Score: 3, Funny

    I can see RIAA and friends going green with envy if it worked.

    Won't happen ... From the summary:

    is based on the fact that botnets engage in coordinated communication, propagation, and attack and fraudulent activities

    The RIAA / MPAA / Congresscritters / Lobbyists / Subprime Lenders ? BushCheneyHalliburtonCo all claim prior art ...

  2. Re:Useful but fundamentally flawed.... by somersault · Score: 2, Funny

    I knew there was something evil about our WSUS server

    --
    which is totally what she said