What are botnets?

View previous topic View next topic Go down

What are botnets?

Post by Belahzur on Sun Mar 15, 2009 1:53 am

Video:
http://news.bbc.co.uk/1/hi/programmes/click_online/default.stm

Some of you might not be able to see it if your not in the UK/US, so find a US based proxy.

Botnets is a group of zombie computers all infected with a certain type of malicious software, but unlike other malware, this type of malicious just sits and goes un-noticed until a command is given to the bot. Botnets can be used for spamming inboxes and DDOS'ing websites.

A simple website can be taken down within minutes since botnets like Storm are massive, more than 200,000 computers all sending around 1000 requests to the server a second.

Other botnets like Srizbi and Rustock are both spambots that just sit there until a command is given.

The video shown is quite interesting to watch, a representative from Prevx shows how this all works with great detail.


@RealBelahzur - [Prework] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: What are botnets?

Post by Doctor Inferno on Sun Mar 15, 2009 2:12 am

I'm from Singapore and can see the video... Interesting!


Please be a GeekPolice fan on Facebook!



Have we helped you? Help us! | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Posts Posts : 12015
Joined Joined : 2007-12-26
Gender Gender : Male
OS OS : Windows 7 Home Premium and Ultimate X64
Protection Protection : Kaspersky PURE and Malwarebytes' Anti-Malware
Points Points : 104600
# Likes # Likes : 0

View user profile

Back to top Go down

Re: What are botnets?

Post by jairus on Mon Mar 16, 2009 4:42 am

I wonder, what does big companies do if there is DDOS attack in their site? Let me think

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Re: What are botnets?

Post by Belahzur on Mon Mar 16, 2009 1:49 pm

Reboot the server.

A DDOS attack floods only one IP adress, so rebooting the server means the IP would change and the DDOS no longer works until whoever has the new IP.


@RealBelahzur - [Prework] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: What are botnets?

Post by jojozzzzz on Tue Mar 17, 2009 11:41 pm

Interesting...



sig made by agent cosmic.

jojozzzzz
Leader
Leader

Posts Posts : 424
Joined Joined : 2008-06-14
Gender Gender : Female
OS OS : vista
Points Points : 31204
# Likes # Likes : 0

View user profile

Back to top Go down

Re: What are botnets?

Post by jairus on Wed Mar 18, 2009 4:44 am

@Belahzur wrote:Reboot the server.

A DDOS attack floods only one IP adress, so rebooting the server means the IP would change and the DDOS no longer works until whoever has the new IP.

Is it easy to find their new IP?

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Re: What are botnets?

Post by Belahzur on Wed Mar 18, 2009 1:35 pm

Yep.
Worms like Conficker/downadup can get it, backdoor, keyloggers. Port scanning also has the same effect pretty much.


@RealBelahzur - [Prework] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: What are botnets?

Post by Digitalocksmith on Fri Mar 20, 2009 10:02 am

@Belahzur wrote:Reboot the server.

A DDOS attack floods only one IP adress, so rebooting the server means the IP would change and the DDOS no longer works until whoever has the new IP.

Not necessarily......If the attack is conducted on a sufficiently large scale, entire geographical regions of Internet connectivity can be compromised without the attacker's knowledge or intent (ie. Whole IP ranges can be comprimised so simply rebooting and allowing DHCP to allocate new IP's is futile).

Botnets can also launch DOS attacks between the WAN and LAN therefore comprimising complete networks by targeting a single IP (machine).

Those affected are usually lazy with network security as they almost always have incorrectly configured, or flimsy network infrastructure equipment and have never heard of a firewall.

Just my opinion!

:victory:



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum