Web Hosting Security


We're at War with Botnets
By: Joe Eitel

    We're at War with Botnets - What is a Botnet?

    (Page 2 of 4 )

    Botnets are groups of software robots that operate independently and automatically. They compromise computers, and then infect them with Trojan horses, worms, or backdoors. Botnets can cause other damage as well, such as performing denial-of-service attacks and spamdexing, or stealing login IDs, application serial numbers, and financial information -- particularly credit card numbers. Another name for these infected machines is "zombie computers."

    Bot herders, or crackers, remotely manage botnets through Internet Relay Chat (IRC) servers or C&C (command-and-control) servers. Botnets are invisible and can take advantage of a hidden channel, such as IM, the RFC 1459 standard, or Twitter, to talk to the C&C server. The bot herder uses different tools, such as buffer overflows and exploits, to compromise the computers. The bot herder's goal is to steal as many computing resources as possible.

    Botnets have gotten much more sophisticated over the past few years, and that's due in large part to creative bot herders who use the HTTP protocol instead of IRC as their command-and-control protocol. Since HTTP is the most commonly used protocol for Internet communication, it is rarely blocked. It's also important to remember that botnets are hard to detect, and many of them contain built-in protocols that let traffic from zombie computers blend in with genuine outbound web traffic.
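    Because HTTP command-and-control blends into normal web traffic, defenders often look at request timing rather than content. The following is an added example, not part of the original article: it flags client/destination pairs in a proxy log whose requests arrive at near-constant intervals. The log format, addresses, host names and thresholds are assumptions, and the sample log is constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

def sample_lines(client, host, times):
    return [f"{t} {client} {host}" for t in times]

# Constructed proxy log, one request per line: "<epoch_seconds> <client_ip> <dest_host>".
SAMPLE_LOG = "\n".join(
    sample_lines("10.0.0.23", "updates.example.net",
                 [1000, 1300, 1602, 1901, 2202, 2500, 2800, 3103])    # timer-like
    + sample_lines("10.0.0.41", "news.example.org",
                   [1005, 1007, 1012, 1400, 1404, 2900, 2903, 2950])  # bursty browsing
    + sample_lines("10.0.0.41", "cdn.example.com", [1006, 1401])      # too few requests
    + ["truncated-line"]                                              # malformed, skipped
)

def parse(log_text):
    """Group request timestamps by (client, destination host)."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            ts = float(parts[0])
        except ValueError:
            continue
        flows[(parts[1], parts[2])].append(ts)
    return flows

def find_beacons(flows, min_requests=6, max_cv=0.1):
    """Flag flows whose gaps between requests are nearly constant.

    cv = stddev(gaps) / mean(gaps). Human browsing is bursty (high cv);
    a scheduled check-in produces a low cv.
    """
    hits = []
    for (client, host), times in flows.items():
        if len(times) < min_requests:
            continue
        times = sorted(times)
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits.append((client, host, round(avg, 1), round(cv, 3)))
    return sorted(hits)
```

    Legitimate software such as update checkers and telemetry agents also polls on a timer, so each hit still needs triage against known-good destinations.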

    Botnet herders can also create their own commanding protocols, which consist of a client operation program, server application, and the software that it implants on the infected computer. These three components are able to interact with each other via the network, because they contain a unique encryption method that prevents any identification or intrusion into the botnet network.

    Once the botnet gets on a personal computer, it immediately searches for other IP addresses that are at risk of being compromised. The botnet then tries to spread itself by performing actions, such as deceiving the user into clicking a bad instant message link. Botnet herders can also command the botnet to probe the Internet for genuine websites that are vulnerable to SQL injection attacks. Once the bot herders obtain this information, they can insert malware on these sites. The more the botnet spreads itself, the more unsolicited mail it can send. Botnets account for approximately 95 percent of the spam that is delivered across the Internet.

    Botnets rely on peer-to-peer (P2P) relationships, which they use to communicate with other botnet servers and so provide better redundancy. For example, there can be a group of 20 or more individual high-speed compromised computers that behave as servers.

    Approximately 11 percent of computers are infected with botnets. Paul Royal, director of research at Damballa, an Atlanta-based botnet security firm, estimates that between 65 million and 90 million personal computers have been compromised. Meanwhile, about five percent of corporate computers are infected with botnets. In other words, botnets can infect personal, corporate, university, and government computers.

    Botnets pose dangerous threats to the Internet. For this reason, typical IRC networks have gotten aggressive and now block access to botnets they previously hosted. Determined to avoid detection, bot herders are aiming to reduce the size of their botnets. That way, they can launch more precise attacks.

    © 2003-2019 by Developer Shed. All rights reserved.