Scanning LAN for virus activity?

Ewald Beekman E.H.Beekman at AMC.UVA.NL
Tue Mar 16 14:26:34 GMT 2004


I once used mailsnarf (from Dug Songs dsniff package) to capture mail
messages of the wire and then with a small perl script split the mbox
in various messages and used Anomy sanitizer and trend AV to scan for
virusses. Worked quite well.

Ewald...

On Mon, Mar 15, 2004 at 02:45:41PM -0800, Michael St. Laurent wrote:
> I was reading about the String module for iptables in Linux Journal over the
> weekend and it occured to me that this could be used for scanning the LAN
> for the presence of an infected system.
>
> Does anyone know if such a tool exists?  We're seeing *much* higher network
> activity lately than in the past and it makes me nervous.
>
> --
> Michael St. Laurent
> Hartwell Corporation

--
## Your mind-mint is:



More information about the MailScanner mailing list