Results 1 to 2 of 2

Thread: tool to detect botnet member in LAN

  1. #1

    Default tool to detect botnet member in LAN

    I had been notified by my IP-provider that participation in botnet activity (ntp-multiplier) from a computer in my LAN had been deteted via a sinkhole.

    Of course I suspect the WIN XP system, but I have no idea whether my openususe systems might be the cause or are at least infected.
    (chkroot and rkhunter did not find anything)

    Is there a tool (eg. sniffer) for Opensuse (12.3) that can be used to track down the bontnet member in my LAN?

    what can I do to check the opensuse installations?

    thanks!

  2. #2
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: tool to detect botnet member in LAN

    On 2014-02-06 13:06, suse paul wrote:
    >
    > I had been notified by my IP-provider that participation in botnet
    > activity (ntp-multiplier) from a computer in my LAN had been deteted via
    > a sinkhole.


    Check that your Linux machines are updated. There was recently a patch
    to NTP for a security problem. I think it is that one.

    --
    Cheers / Saludos,

    Carlos E. R.

    (from 13.1 x86_64 "Bottle" (Minas Tirith))

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •