More on Botnets
While you read, think about these questions: what kinds of people might choose to operate a botnet? Why might they do so? How can botnets be controlled? How big are most botnets?
Let's talk more about botnets. When we use the term botnet, the bot itself is the compromised system, it is the zombie computer that's controlled by crackers. So running of this is automatic, okay. A botnet is a group of bots or a collection of compromised
systems that are running malware like worms, Trojan horses, or backdoor code under a common command and control infrastructure from some, you know, criminal organizations, some criminal syndicate, it could be state-based, okay. And basically the originator
will remotely control these bots using something like IRC – Internet Relay Chat, even though there are other channels that can be used to create a botnet. The bot typically is run hidden and you create a connection from an inside host back through
your perimeter devices, your firewalls, your security routers, back to some fully qualified domain out on the Internet often in some other country. Some of the largest botnets have been recently brought down. Some of these can be huge like a 1.5 million
node botnet was recently brought down. Some people estimate that up to 25 percent of all PCs are participating in some sort of botnet.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 License.