Botnet-spotting system watches for bad DNS behaviour.
Trend Micro
has launched a new service, entitled
InterCloud Security Service
(
ICSS
), to look out for bot infestations within networks.
The system uses DNS-level behavioural analysis to spot bot-infected computers reaching out to talk to their herders. Once infections are detected, machines can be cut off from the network to prevent spreading while cleaning is initiated, including the option of using
Trend
‘s
HouseCall
remote scanner. The service is primarily aimed at ISPs and other large network systems.
A similar service, entitled
ZombieAlert
and launched last year by
Sophos
, uses data from spam traps to spot zombie-like behaviour, and alerts subscribers to the flow of dodgy data leaking from their networks.
Trend
‘s press release is
here
, and more technical info on the
InterCloud
system is
here
.
Posted on 26 September 2006 by
Virus Bulletin
Leave a Reply