Scanning LAN for virus activity?
shrek-m at gmx.de
shrek-m at GMX.DE
Mon Mar 15 23:07:54 GMT 2004
Steve Mason wrote:
>Not sure about iptables, but I use nmap and tcpdump to check for anything on
>my local network.
>Nmap to scan for any of the ports that the latest worms/vuruses listen on.
>Tcpdump listening on port 25 (minus your mail servers) should find anyone
>with a process sending out spam, or trying to propagate a worm/virus via
>email.
>
>
snort
http://www.snort.org/
ntop
http://www.ntop.org/
--
shrek-m
More information about the MailScanner
mailing list