Trend Micro has released a beta of RUBotted, a little program that watches for incoming bot related traffic.
Here's the Trend Micro description:
RUBotted intelligently monitors your computer's system behavior for activities that are potentially harmful to both your computer and other people's computers. RUBotted monitors for remote command and control (C&C) commands sent from a bot-herder to control your computer. Additionally, RUBotted watches for an array of potentially malicious bot-related activities, including mass mailing - a common activity performed by a bot-infected computer.
RUBotted co-exists with your existing AV software, providing advanced bot specific behavior monitoring. RUBotted does not rely on frequent, network intensive updates to ensure your computer's continued protection.
The software covers all Windows versions from 2000 to XP to Vista. I took it for a spin and the software is definitely easy and lightweight. In fact, it was almost too easy. I don't know what it scanned per se or how it arrived at the conclusion that my PC was bot free.
What follows is the extent of the application:
The initial installation and scan:
The screen that would reveal any activity:
And the settings:
The application is clearly designed for the background, but as Ryan Naraine notes it's likely Trend Micro will charge for this utility once it's out of beta. If he's right, then we get another nickel and dime effort from security software vendors. I have the McAfee Web service at home and when it's time to renew things get way confusing for these ala carte protection schemes.
Clearly software like RUBotted should be part of a bigger suite or just a component in your everyday antivirus software. Will we get it that way? Probably not. That means I'm unlikely to buy bot scanning software in addition to the other complement of services I get.
Is separate botnet software worth getting to you?