Last Update: 05 June 2009
We would like to thank you for all
your support, interest, and encouragement in developing this latest
software release. BotHunter has been a big hit, thanks to you,
and we have received lots of great suggestions from many
We have made many improvements to BotHunter since our last release of
BotHunter 1.0.2 in early 2009.
* Expanded our OS compatibility coverage to include the 32 and 64-bit versions
of Windows XP, Windows Vista, and Windows 2003 Server
* Enhanced IP blacklist performance via a new custom Snort plugin
* Added Ethernet address reporting in the infection profile
* Upgraded the Bothunter knowledge-based (including conficker variant detection)
* Resolved problems in the Windows threat update service
* User interface now perform name lookups on mouse-over IP addresses
* Added ability to change home-net, DNS, and SMTP address lists after root installation.
* Added behind-firewall option to installer (see BotHunter Behind or In Front of Firewall).
* Added infection log roll-over options (see User Guide: Special Features).
* Added optional Email delivery of infection reports (see User Guide: Special Features).
* Added optional ArcSight CEF Alert output (see User Guide: Special Features).
* BotHunter may now be permanently installed from the BotHunter Ubuntu LiveCD.
* Added desktop icons to start BotHunter GUI for Linux and Mac OS X
* Added test for, and installation of, patch when required.
* Performs name-to-address lookups where IP addresses were previously required.
* Attempts, within the confines of Java, to display which network adapters are available.
* Allows for multiple input file arguments in batch mode.
BotHunter is now supported on these operating systems:
- Linux - tested on Fedora, Red Hat Enterprise Linux, Debian, and SuSE distributions
- FreeBSD - tested on Product Release 7.2
- Mac OS X - tested on Tiger and Leopard, Mac OS 10.4 and 10.5
- Windows XP, Vista, Server 2003
self-installing Win32 executable is
available and will install all necessary supporting packages for these
32- and 64-bit OSs.
- Live-CD - a self-booting
ISO image of BotHunter operating on
BotHunter Development Team
Computer Science Laboratory
SRI International http://www.bothunter.net