Malware / Trojan / Virus Part Three
By Heather - Page 3
Monitoring or controlling your net traffic
Monitoring the traffic on your network is probably best left to a reliable firewall. However, there is a certain amount of entertainment to be gained by actually looking at what you get visited by. If you do try out any of the programs mentioned here, remember that most network traffic is rubbish and generated by the Internet, your ISP and so on. And it's easy enough to spoof the origin of a network packet. So don't get obsessed by it.
Peer Guardian is really good at blocking a fair number of unwanted visitors. It supplies lists - most of which are updated daily - of IPs in the categories you might want to block, such as spyware sources. If you are doing peer to peer file sharing, you should use it. It is very simple to use and to set up. It gives minimal information.
Its only obvious problem so far (in the free version at least) is that, if it has blocked an IP you actually want to allow into your PC or that you want to send packets to, you have to disable it altogether.
Ethereal is good at watching what is accessing your PC. It goes way beyond what you probably need to know. For example, it shows the contents of unencrypted packets. You can thus have the unpleasant surprise of reading your MSN messages and emails directly from the internet in text format. With most forms of email account, there is the even more drastically unpleasant surprise of spotting your email user name and passwords gambolling across the world wide web...
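As an added example (not from the original article), this Python sketch audits the client side of a captured mail session for logins sent without encryption, the exposure described above, and reports what leaked without echoing the password. The port table, function names and sample bytes are assumptions constructed for illustration.

```python
import base64
import re

# Assumed plaintext mail ports; the TLS variants (995, 993, 465) are not inspected.
PLAINTEXT_PORTS = {110: "POP3", 143: "IMAP", 25: "SMTP"}
# Group 1 is the login command, group 2 the argument that carries the secret.
AUTH_PATTERNS = {
    "POP3": re.compile(rb"^(USER|PASS) (.+)$", re.I),
    "IMAP": re.compile(rb"^\S+ (LOGIN) (.+)$", re.I),
    "SMTP": re.compile(rb"^(AUTH PLAIN) (\S+)$", re.I),
}

def describe(command, arg):
    """Say what a login line exposes without repeating the password."""
    if command == "USER":
        return "username " + arg.decode(errors="replace")
    if command == "AUTH PLAIN":
        # Base64 is an encoding, not encryption: it decodes to \0user\0password.
        try:
            parts = base64.b64decode(arg, validate=True).split(b"\0")
        except ValueError:
            return "undecodable AUTH PLAIN blob"
        user = parts[1].decode(errors="replace") if len(parts) == 3 else "?"
        return "username " + user + " and password (base64 only)"
    if command == "LOGIN":
        user = arg.split()[0].decode(errors="replace").strip('"')
        return "username " + user + " and password"
    return "password (%d bytes)" % len(arg)

def audit_stream(dst_port, client_bytes):
    """Return (protocol, command, exposure) for each cleartext login line."""
    proto = PLAINTEXT_PORTS.get(dst_port)
    if proto is None:
        return []  # not one of the plaintext mail ports
    findings = []
    for line in client_bytes.splitlines():
        m = AUTH_PATTERNS[proto].match(line.strip())
        if m:
            command = m.group(1).decode().upper()
            findings.append((proto, command, describe(command, m.group(2))))
    return findings

# Constructed samples: the client half of a POP3 login and of an SMTP AUTH PLAIN.
POP3_SAMPLE = b"USER alice\r\nPASS not-a-real-password\r\nSTAT\r\nQUIT\r\n"
SMTP_SAMPLE = b"EHLO pc.example\r\nAUTH PLAIN " + base64.b64encode(b"\0alice\0not-a-real-password") + b"\r\n"

if __name__ == "__main__":
    for port, sample in ((110, POP3_SAMPLE), (25, SMTP_SAMPLE), (995, POP3_SAMPLE)):
        print(port, audit_stream(port, sample))
```

Any finding means the account is set to log in without TLS; switching the mail client to the encrypted port or to STARTTLS is the fix.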
I wanted to learn to use Snort but, although it's very easy to install and set up, your learning curve needs to be steep to make any use of it, and I haven't had days of leisure to play around with it yet. It claims to be the de facto standard for intrusion detection systems. It looks worth investigation if you start to get really interested in network traffic.