Is it possible to detect Botnet. If yes then how ?

[Toby-Martin]

I am checking the firewall policies deployed on my network. I had blocked a number of IP address so that none of the unauthorized incoming connection can be established. I had seen some weird IP address. By checking them I found that they are mostly from Asia. The firewall has blocked the incoming connectivity. It is integrated with my antivirus. It is necessary that there should not be any practice by which logs can be pushed on web. This logs can contain confidential information about your day to day work.

[Abdulmajid]

I am using ZoneAlarm. It is one of the best antivirus stuff I had seen. It allows me to track programs easily. It is lightweight and easy to configure also. The tool offers you a integrated and powerful firewall support. Somehow you must avoid visiting web-sites which are not secure. That is the first precaution you can do to keep your system secure. There are some old virus in the Quarantine. I want to know that will keeping this is safe or should I delete them.

[GARTH]

Yes you can let it be there. A Quarantine folder is like a restricted entry where no one can go. That means one the virus is quarantined it will not communicate with any other file. Alongwith virus scanning you must also deploy a tool that can verify the registry health. There are some scanners that comes with registry repair support. Virus mostly affect the registry making your system more vulnerable to attack. Also with a good system monitor you can keep a close watch on the threats and activity.

[Amosz]

If you see any invalid ip address then try to find the port associated with that. Because a virus needs some access to communicate with other servers. And a open port is the only way. Port scanner can tell you which ports are kept open. There are only some ports that are mostly used by applications to get updates. Those are by default unlocked and occupied. While some are left open due to low security concern.

[Stuartl]

I am also worried about some software which can put the system on risk. One of them is remote desktop sharing. I had seen a number of port open when I installed one and there are some packet changes. I am not able to locate the right port associated with the same.