Computers on corporate, government and education networks are often infected with trojans that seek to capture banking information or use the machine as a spam engine. Common sources of infection include viruses and spyware that either contain or download “dropper” files, which open the door for trojans. Network monitoring will generally detect unusual levels of traffic that could indicate a machine is being used as a spam relay or as part of a DDoS attack.
The Netcraft Network Examination offers detailed analysis that can uncover potential weaknesses in network configurations and popular software.