A different way to check for viruses

Image
Need to know how to do something then look here first? Want to add a guide, let an Admin know.
Post Reply
User avatar
DarkDeamon
Vice Admiral
Vice Admiral
Posts: 2413
Joined: Sun Mar 08, 2009 12:39 pm
Gender: Male
Location: Over the hills and far away
Contact:

A different way to check for viruses

Post by DarkDeamon » Sun Oct 16, 2011 7:08 pm

This is a background check that you can do but it 'currently' is only done every monday.

Register at https://www.iptrust.com, go into settings and enter your (internet) ip address. To find out your external IP Address, point your web browser @ http://www.whatismyip.com/

As there is a good chance you don't have a static IP then what you do is you enter an IP address range so for instance if my IP was 90.197.197.25 I could enter 90.197.197.1-90.197.197.254 or I could enter 90.197.197.0/24. You may want to check on a sunday night before the scan happens on a monday morning? If you do something like host a web site then just enter your websites IP address as that is (normally) a static address (HINT Age).

How this system works is the company examine viruses and work out what they do. Every virus has an almost unique signature in how it acts once it infects a machine. The will either try to contact a specific domain or IP Address or may try to spread themselves using certain procedures.

If you know what your looking for (and these guys do) then it's possible to tell if a machine (or network) has a virus by scanning the outgoing network traffic for the specific virus markers. This is currently offered for a limited number of IP addresses (256 unless you are a special customer) and is only done once a week over the weekend with the scan report arriving in your inbox on a monday.

I have used this service on a 'supposedly' clean network (according to the AV) and it actually found a virus and a botnet. Further checks of the 50 machines one by one with my special AV disk did unearth a botnet on 10 machines and a virus that was starting to spread on the network so it's a useful 'extra' tool in your arsenal!
aka EvilB@stard
Insurgency Config maniac
Putting my hacks on your PC :devil:

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest