Information AboutBotnet |
| CATEGORIES ABOUT BOTNET | |
| computer network security | |
| spamming | |
| multi-agent systems | |
|
While the term "botnet" can be used to refer to any group of bots, such as IRC Bots , the word is generally used to refer to a collection of compromised machines running programs (usually referred to as Worms , Trojan Horse s, or backdoors) under a common Command And Control infrastructure. A botnet's originator can control the group remotely, usually through a means such as IRC , and usually for nefarious purposes. Individual programs manifest as IRC "bots". Often the command and control takes place via an IRC Server or a specific channel on a public IRC network. A bot typically runs hidden, and complies with the RFC 1459 (IRC) standard. Generally, the perpetrator of the botnet has compromised a series of systems using various tools (exploits, buffer overflows, as well as others; see also RPC ). Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet owner community. Botnets have become a significant part of the Internet , albeit increasingly hidden. Due to most conventional IRC networks taking measures and blocking access to previously-hosted botnets, owners must now find their own servers. Often, a botnet will include a variety of connections, ranging from dial-up, DSL , cable, educational, and corporate. Sometimes, an owner will hide an IRC server installation on an educational or corporate site, where high-speed connections can support a large number of other bots. Exploitation of this method of using a bot to host other bots has proliferated only recently, as most Script Kiddie s do not have the knowledge to take advantage of it. Several botnets have been found and removed from the Internet. The Dutch police found and dismantled a 100,000 node botnet and the Norwegian ISP Telenor disbanded a 10,000 node botnet . Large coordinated international efforts to shutdown botnets have also been initiated. PURPOSE |
|
|