Hi All, I just uploaded my latest Arnold-related project, ArnoldTrigger: https://github.com/tbaror/ArnoldTrigger. This project is TCP client agent/server based and is basically triggered upon, in our case, Symantec client infection. It came out of the need to make sure that clients are well cleaned in case of infection and are isolated from the network until we make sure they are well cleaned. In the current version, the client queries the infection event configured in the "js" file and sends it in JSON format, SSL encrypted with a pre-configured key, authenticated to the server. When authentication is completed, the server sends "start_arnold" ip with date+machine name file inside Machine IP, and the machine is sent to the preconfigured quarantine profile that we set.
We are now working on two major features: an autocleaning module, and Firewall (pfSense) Snort events to Arnold. I hope you find this tool useful, and I will gladly take any comments and suggestions for improvements.
Thanks