Generic IRC Client Detection / Generic Botnet Detection
Info Nessus Network Monitor Plugin ID 4440
SynopsisThe remote host is running an IRC client.
DescriptionThe remote host appears to be running a machine that has installed an IRC client. IRC is a protocol for messaging. In many cases, IRC is used for botnet C&C traffic.
SolutionManually inspect the machine for malicious processes to ensure that the IRC traffic is innocuous in nature.