# [SOLVED] How to spot bot traffic?



## Rosie-L (Mar 23, 2008)

Hi all.

*if I'm in the wrong forum please point me to the right one*

Can anyone recommend any sort of a program that will monitor traffic in and out of a PC and display if some sort of a spam bot is active?

I don't mean anti-virus or anti-spyware software, but rather a program that will look for the illegal traffic itself.

My Google searches suggest that some sort of a network packet monitor might do the job, but would it work for a broadband connected stand-alone PC?

How easy is it to read the output from a packet monitor (if that's what should be used)?

TIA
- Rosie


----------



## dai (Jul 2, 2004)

*Re: How to spot bot traffic?*

moved you to network security


----------



## Cellus (Aug 31, 2006)

*Re: How to spot bot traffic?*

Manually reading and interpreting the output on an active Internet connection using a network protocol analyzer, such as Wireshark, is complex and beyond the absolute basics of troubleshooting, and only useful for networking experts. That isn't to say you can't use it while not being an expert, but it certainly helps. :wink:

You can use something like Wireshark to read your traffic and see where traffic is going. You can also use things such as the _netstat -a_ command in the command prompt to see what connections have been established or are listening, waiting for a connection (though commonly the more advanced bots and viruses evade such commands).

An Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) will automagically read traffic and detect/block known and unknown threats. You can also use a Personal Firewall (a software firewall), which may or may not have built-in IPS, with application control to control what programs have permission to access the Internet, receive connections, and so forth.

Have anti-virus, anti-spyware, and a personal firewall running to help protect your computer. Keep Windows and your various programs patched and up-to-date to fix security holes. Try to stay logged in as a limited user (not an administrator) unless necessary so if the PC is compromised the freedom a malicious program or user has is mitigated.

If you would like some program suggestions, take a look at our PC Safety and Security thread for more information.


----------
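A way to automate the netstat check described in the reply above, as an added example that is not part of the original thread: it parses Windows `netstat -ano` output and reports any process with outbound connections to port 25 on several different hosts, a pattern typical of spam bots and unusual for a home PC. The sample output, the function names and the threshold of 3 hosts are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output (not from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:49701     198.51.100.7:443       ESTABLISHED     2312
  TCP    192.168.1.10:49720     203.0.113.5:25         SYN_SENT        4180
  TCP    192.168.1.10:49721     203.0.113.77:25        ESTABLISHED     4180
  TCP    192.168.1.10:49722     198.51.100.200:25      ESTABLISHED     4180
  TCP    192.168.1.10:49730     192.0.2.44:587         ESTABLISHED     3020
  UDP    0.0.0.0:5353           *:*                                    1200
"""

MAIL_PORTS = {25}  # server-to-server SMTP; mail clients normally submit on 587/465
OUTBOUND_STATES = {"ESTABLISHED", "SYN_SENT"}
# TCP rows only: proto, local endpoint, remote endpoint, state, PID
ROW = re.compile(r"^\s*TCP\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$")

def split_endpoint(endpoint):
    """Split 'host:port' (also '[::1]:port') into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def smtp_fanout(netstat_text, threshold=3):
    """Return {pid: sorted remote hosts} for PIDs talking SMTP to >= threshold hosts."""
    peers = defaultdict(set)
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, UDP rows, blank lines
        _local, remote, state, pid = m.groups()
        if state not in OUTBOUND_STATES:
            continue  # ignore listening sockets and closed/closing states
        host, port = split_endpoint(remote)
        if port in MAIL_PORTS:
            peers[int(pid)].add(host)
    return {pid: sorted(h) for pid, h in peers.items() if len(h) >= threshold}

if __name__ == "__main__":
    for pid, hosts in smtp_fanout(SAMPLE).items():
        print(f"PID {pid}: outbound SMTP to {len(hosts)} hosts: {', '.join(hosts)}")
```

A reported PID can be matched to a program name in Task Manager. As the reply notes, malware that hides from netstat will not appear here, so an empty result does not prove the PC is clean.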



## Rosie-L (Mar 23, 2008)

*Re: How to spot bot traffic?*

Thanks very much Cellus. 

That's exactly what I wanted to know.

- Rosie


----------

