Tuesday 23 December 2014

Botnet Detection Tool: Ourmon

There are many common botnet families, such as Spybot, Agobot, RBot, Mytob and SDBot.
A botnet can be used for sniffing packets, launching DDoS attacks, spamming, phishing, and stealing data. In this Tool Gyan column, we will learn about botnet detection through the popular network sniffing tool known as Ourmon.
Ourmon is a *NIX-based open source tool originally designed for network packet sniffing. It captures traffic by putting the Ethernet interface into promiscuous mode, and it can also receive traffic through port mirroring on a Layer 2 (Ethernet) switch. It works best on the FreeBSD operating system.
Ourmon has two software parts:
  1. The probe, or front-end, which sniffs packets and summarizes them into various pieces of statistical information.
  2. The back-end graphics engine, which processes the probe's results and produces Web graphics, ASCII reports, and log entries. The graphics engine needs a web server such as Apache to be installed.

1 comment:

  1. Thanks for this helpful information. I agree with all points you have given to us. Please visit once at ddoscube.com.
