Scan a Private newtork for viruses and malware

I would like to scan a private network for viruses and malware, network is a Microsoft network. But I could use a Linux computer to scan if I had too. From time to time client gets a email from their ISP saying they are infected. I would like to scan from one station the whole network rather than jump to each station.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sudeep SharmaTechnical DesignerCommented:
If you are comfortable working on Linux then I would suggest to use Snort (

Make sure that you mirror one port on your swtich to capture all the network traffic and then connect the linux system running Snort to analyze the network traffice so that you get all the network to filter.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ashok DewanFreelancerCommented:
If you want for windows, just try 14 days free trial IDS+IPS which is SAX2
check out this link :-
Once you get full version then you can make your own rules. it's same like snort. In updates you get all type signatures i.g intrusion attack, viruses base sig.. etc.

It's interface is user friendly. alternative option is snort.
Soupbone79Author Commented:
I got snort running on a pc, man that wasn't easy, with winpcap and zenmap. But still not sure how to find malware or viruses. I see that you can look for open ports, but not sure about activity
I'm not sure what you mean with "scan a private network for viruses and malware"? Snort and SAX2 are intrusion detection/intrusion prevention systems to scan the network traffic for abnormal behaviour. But as far as I know they do not scan the computer's hard disks. But more probably you want to scan the computers in your network for viruses and not the network itself?

In this case you need to run an antivirus application on every computer. If it is a private network then I'm afraid you have to jump to each station. I'm not aware of an enduser antivirus product that offers scanning multiple computers from one single instance. If it is a business network you can install a central management server, rollout the antivirus clients to all stations and then start the scan centrally.
Nadir ALTINBASElec.&Elctro.Engr.Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Management

From novice to tech pro — start learning today.