In association with heise online

17 January 2008, 13:23

Bot detector by Trend Micro

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Trend Micro has developed a bot detector and is providing a free Beta version of it for downloading. RUBotted runs in the background and monitors a computer's network activities.

Trend Micro's RUBotted
Zoom Micros RUBotted is supposed to detect active bots on a computer

Contaminants that turn a computer into a zombie and make it part of a bot network have to communicate with a control server and usually send massive amounts of spam E-mail. So RUBotted checks the computer for outgoing IRC calls, incoming HTTP requests and outgoing E-mails, and monitors DNS queries to resolve net names.

RUBotted gives a warning when it makes a find
Zoom RUBotted warns when there are suspicious activities and suggests checking the computer with an online virus scanner

When it makes a find, RUBotted opens a small warning window and offers to run Trend Micro's HouseCall, an online virus scanner, to check the computer for malicious attacks. In a short test by heise Security using variants of the Storm worm on a Windows XP computer, things went quite well. Trend Micro says RUBotted is meant to work in conjunction with the antivirus software installed on the computer - even that from other suppliers. The program is designed to run on Windows 2000, XP, Server 2003 and 32-bit Vista.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit