A botnet is a network of zombie computers controlled by a single entity. The term is a blend of "robot" and "network". Botnets are sometimes described as a collection of software robots, or bots, that run autonomously and automatically.
Usually the zombies in a botnet are compromised computers running a Microsoft operating system and sometimes Linux, though it is rare for Linux to get infected with some sort of malware.
These computers communicate with other botnet machines via the Internet. Most botnets are distributed-design systems, with the botnet operator giving instructions to only a small number of machines. These machines then propagate the instructions to other compromised machines, usually via IRC. The distributed design prevents the discovery of the controlling computers. The anonymity that a botnet affords often helps the user avoid detection and possible prosecution.
Botnets are effective in performing tasks that would be impossible given only a single computer, single IP address, or a single Internet connection.
Originally, botnets were used for performing distributed denial-of-service (DDoS) attacks, which are designed to interfere with access to a Web site or Internet service. A common method of attack involves flooding a target server with so many communication requests that legitimate traffic cannot get through. However, some modern web servers have developed strategies to combat DDoS attacks, making this use of a botnet a bit ineffective.
Additionally, many counter-DDoS strategies blacklist the IP addresses of attacking computers, thus exposing the botnet's machines.
The first big DDoS attack, in February 2000, took down some of the Web's most popular sites for hours, including Yahoo, CNN, eBay, Amazon.com, Buy.com, and E-Trade. Currently Facebook, Twitter and Google are trying to fend off a DDoS attack.
As the spam market has become profitable, botnets have been found to be an effective resource for sending spam. At any one time, ten thousand infected PCs can send a simple email. Furthermore, many compromised computers contain address books of email addresses which can be incorporated into the list of addresses to send spam to. Zombies that are not actively sending spam at any point in time can be configured to scrape the web looking for new email addresses to spam, adding further value to the botnet.
A secondary objective of the botnet is to find and compromise additional computers. While this is not considered a primary objective in and of itself, the expansion of the botnet via assimilation of new computers helps it perform the primary objectives more efficiently. Thus, this secondary objective is often the bulk of a botnet's tasks. Many computer networks, especially those using Microsoft Windows computers running the default settings, inherently trust other computers on the same network. Thus, a single compromised machine on such a network constitutes an attack vector against other machines on the network. Other secondary botnet objectives include website advertisement clicking, web browser toolbar installations, keylogging, and social bookmarking poll manipulation.
There is no surefire way to prevent a DDoS attack. However, a company can reduce its risk by buying plenty of servers and bandwidth, and hosting content on backup servers. Companies can also limit the number of connections that the Web server allows at any one time and set the firewall to block certain types of data that are used in DDoS attacks, said intrusecurity Uganda's David.
In addition, companies can ask the ISP to impose bandwidth limits or block the IP addresses serving up the attack. Some companies offer DoS detection software, and website developers can configure their Web server to monitor traffic patterns and automatically ban IP addresses that could be associated with an attack. Better yet, once an attack has been launched, a company can try to redirect the attack traffic to a null IP address, or block it. Now the question comes back to you: "Is your PC part of the botnet?"
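To make the "monitor traffic patterns and automatically ban IP addresses" idea concrete, here is an added example (not part of the original post) that scans web server access-log lines and reports clients exceeding a request rate inside a sliding window. The Common Log Format input, the thresholds, the allowlist and the sample addresses are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Common Log Format: client IP, identity, user, [timestamp], "request", status, size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} \S+')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_flooders(lines, max_requests=20, window_seconds=10, allowlist=()):
    """Return {ip: peak request count} for every client that sent more than
    max_requests requests inside any sliding window of window_seconds."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)      # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group(1) in allowlist:
            continue                 # malformed line, or a trusted client
        try:
            ts = datetime.strptime(m.group(2), TIME_FMT)
        except ValueError:
            continue                 # unparseable timestamp
        q = recent[m.group(1)]
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()              # forget requests older than the window
        if len(q) > max_requests:
            peaks[m.group(1)] = max(peaks.get(m.group(1), 0), len(q))
    return peaks

def build_sample_log():
    """Constructed sample log: one flooding client, one normal visitor,
    one busy health-check probe, and one malformed line."""
    base = datetime.strptime("10/Oct/2023:13:55:00 +0000", TIME_FMT)
    def entry(ip, offset_s, path):
        ts = (base + timedelta(seconds=offset_s)).strftime(TIME_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512'
    lines = [entry("203.0.113.7", i // 10, "/") for i in range(60)]        # 10 req/s for 6 s
    lines += [entry("198.51.100.4", i * 3, "/index.html") for i in range(10)]  # 1 req per 3 s
    lines += [entry("192.0.2.10", i // 10, "/health") for i in range(40)]  # monitoring probe
    lines.append("garbage line that does not parse")
    return lines

if __name__ == "__main__":
    for ip, peak in find_flooders(build_sample_log(), allowlist={"192.0.2.10"}).items():
        print(f"ban candidate {ip}: {peak} requests within 10 s")
```

The allowlist matters in practice: without it the monitoring probe would be banned along with the flooding client, so review ban candidates before feeding them to a firewall.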
I’ve met so many IT managers in my career; some are friends and others are clients, but one thing most of them share is taking security for the company IT facilities for granted. To them the term belongs to “big operations” like telecoms and banks.
Most IT managers believe buying “state of the art” hardware is good enough... but wait a minute! These just represent computing power, not configuration. Most of the settings are left at their defaults, leaving unwanted ports and services running that may lead to your systems being compromised.
The threat of hackers, malware and Trojans is real and may come from internal or external factors. I know of a few big IT firms that have been hacked because they lacked simple streamlined security policies. These are basically guidelines on what should be allowed and denied on the network. Information technology has become so embedded in our lives that we practically live with it. Business can’t live without it and it’s the lifeblood of business these days.
A few months ago I had an experience with a friend; he is kind of a big man in a corporate IT firm here in town. I proposed a security audit on his network to be certain that it’s secure. Trust me, he gave me a lecture on how he’s using “open source” software and a “state of the art” Cisco PIX firewall, which made his network hack free.
He actually wanted to bet that if anyone ever broke or hacked into his network, my weekend costs for a full month would be taken care of. Unfortunately I didn’t take the bet, but I wish I had, because months down the road someone got into his web server. He actually thought I had done it.
The good thing is he didn’t lose his job, but I can’t be sure you won’t. When you run or set up a server, be it Windows or Linux, try to analyze the services and ports that are open. In my experience most of these are not really needed and are a security threat. Lastly, try to sign up to one of those online mailing lists, forums or blogs where you can check out security info. Visit www.securityfocus.com; they really have some good topics.
When you look at the statistics, most of the computers that form the botnet belong to small enterprises and home users. We all need to carry out an audit; we really don’t need to wait for the accounts to avail the money for an outsider to carry it out. All you need is some free tools, especially the open source ones, but be careful not to download a Trojan.
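As a starting point for that kind of self-audit of open ports and services, here is an added example (not part of the original post) that checks the output of `ss -tuln` on a Linux server against a list of listeners you expect. The sample output and the policy of allowing only SSH and HTTP are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -tuln` output from a hypothetical web server.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
tcp   LISTEN 0      80     127.0.0.1:3306     0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:111        0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
"""

# Assumed policy for this host: only SSH and HTTP may be reachable from the network.
EXPECTED = {("tcp", 22), ("tcp", 80)}

def is_loopback(addr):
    """True if the bind address is only reachable from the machine itself."""
    addr = addr.strip("[]").split("%", 1)[0]    # drop IPv6 brackets and %interface
    if addr == "*":
        return False                            # wildcard means all interfaces
    return ipaddress.ip_address(addr).is_loopback

def audit_listeners(ss_output, expected=EXPECTED):
    """Return sorted (proto, port, bind address) tuples for network-reachable
    listeners that the policy does not expect."""
    findings = set()
    for line in ss_output.splitlines()[1:]:     # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        proto, local = fields[0], fields[4]
        addr, _, port = local.rpartition(":")   # rpartition copes with IPv6 colons
        if not port.isdigit() or is_loopback(addr):
            continue                            # local-only services are lower priority
        if (proto, int(port)) not in expected:
            findings.add((proto, int(port), addr))
    return sorted(findings)

if __name__ == "__main__":
    for proto, port, addr in audit_listeners(SAMPLE_SS):
        print(f"unexpected listener: {proto}/{port} bound to {addr}")
```

On the sample it reports telnet (tcp/23) and rpcbind (udp/111) listening on all interfaces, exactly the sort of default services worth switching off.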
Catch you later on my next topic
Squadron Uganda. www.squadronug.com