Detecting Worms and Abnormal Activities
The problem with viruses, worms and other malicious code or hacking attempts is that they are not always easy to detect. In most cases, they are actually quite hard to spot.
There are many different techniques and tools for doing so, but none of them is fully effective, so a good network and security administrator has to learn to combine several tricks to detect what’s wrong on their network.
Yiming Gong wrote a very interesting article about using NetFlow to detect worms; definitely a must-read for network administrators. (Note: for open-source people who don’t have or don’t want NetFlow, some alternatives are suggested in the second article.)
Detecting Worms and Abnormal Activities with NetFlow, Part 1
Detecting Worms and Abnormal Activities with NetFlow, Part 2