There is a GitHub project for building a network-based malware detection system. It combines blacklists with other open-source threat information to build a scoring system for network traffic that indicates the presence of malware.
I have not tested this system yet; however, we are in the process of bringing in new equipment, which frees up some older equipment to run tests on.
Here is the link:
https://github.com/stamparm/maltrail
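To show the idea of blacklist-driven traffic scoring, here is an added example written for this post; it is not Maltrail's own code. The indicator feeds, feed weights, flow records and alert threshold are all constructed assumptions, and the scoring counts each distinct indicator once per internal host so a chatty beacon does not outscore several distinct bad contacts.

```python
from collections import defaultdict

# Constructed indicator feeds: indicator -> (feed name, weight). Weights are assumptions.
IP_FEED = {"203.0.113.10": ("sample_c2_feed", 5), "198.51.100.7": ("sample_scanner_feed", 2)}
DOMAIN_FEED = {"bad-example.test": ("sample_dga_feed", 4)}

# Constructed flow/DNS records: (src_ip, dst_ip, queried_domain or None)
SAMPLE_TRAFFIC = [
    ("10.0.0.5", "203.0.113.10", None),
    ("10.0.0.5", "203.0.113.10", None),
    ("10.0.0.5", "192.0.2.44", "cdn.bad-example.test"),
    ("10.0.0.9", "198.51.100.7", None),
    ("10.0.0.9", "192.0.2.44", "www.example.test"),
]

def domain_hit(domain):
    """Match a queried name against the domain feed, including parent domains,
    so cdn.bad-example.test matches an entry for bad-example.test."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in DOMAIN_FEED:
            return candidate, DOMAIN_FEED[candidate]
    return None

def score_traffic(records, ip_feed=IP_FEED):
    """Return {src_ip: {"score": int, "hits": [...]}} aggregated per internal host;
    a repeated contact with the same indicator is only scored once."""
    per_host = defaultdict(lambda: {"score": 0, "hits": []})
    seen = set()
    for src, dst, domain in records:
        findings = []
        if dst in ip_feed:
            findings.append((dst,) + ip_feed[dst])
        if domain:
            hit = domain_hit(domain)
            if hit:
                findings.append((hit[0],) + hit[1])
        for indicator, feed, weight in findings:
            if (src, indicator) in seen:
                continue
            seen.add((src, indicator))
            per_host[src]["score"] += weight
            per_host[src]["hits"].append((indicator, feed))
    return dict(per_host)

def flagged_hosts(records, threshold=5):
    """Hosts whose aggregate score reaches the threshold (threshold is an assumption)."""
    return sorted(h for h, v in score_traffic(records).items() if v["score"] >= threshold)
```

A real deployment would refresh the feeds on a schedule and age out old hits, which this example leaves out.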
Follow on Twitter: ITSECSAM