More on Botnets

While you read, think about these questions: what kinds of people might choose to operate a botnet? Why might they do so? How can botnets be controlled? How big are most botnets?

Let's talk more about botnets. When we use the term botnet, the bot itself is the compromised system: the zombie computer that is controlled by crackers. It runs automatically. A botnet is a group of bots, a collection of compromised systems running malware such as worms, Trojan horses, or backdoor code under a common command and control infrastructure. The operator may be a criminal organization or syndicate, or it could be state-based.

The originator remotely controls these bots using something like IRC (Internet Relay Chat), although other channels can also be used to create a botnet. The bot typically runs hidden and creates a connection from an inside host back out through your perimeter devices (your firewalls and security routers) to some fully qualified domain name out on the Internet, often in some other country.

Some of the largest botnets have recently been brought down. These can be huge: a 1.5 million node botnet was recently brought down. Some people estimate that up to 25 percent of all PCs are participating in some sort of botnet.
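Because the bot connects from the inside out, egress logs are where a defender can look for it. The following is an added example, not part of the original lecture: it flags internal hosts that connect outbound to commonly used IRC ports or that contact the same external name at regular intervals. The log format, host names, port list and thresholds are constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample egress log: epoch_seconds src_ip dst_fqdn dst_port
SAMPLE_LOG = """\
1000 10.0.0.5 www.example.org 443
1030 10.0.0.23 irc.c2.example.net 6667
1090 10.0.0.23 irc.c2.example.net 6667
1150 10.0.0.23 irc.c2.example.net 6667
1171 10.0.0.5 cdn.example.org 443
1210 10.0.0.23 irc.c2.example.net 6667
1300 10.0.0.8 updates.example.com 443
1302 10.0.0.41 beacon.example.net 443
1602 10.0.0.41 beacon.example.net 443
1903 10.0.0.41 beacon.example.net 443
2201 10.0.0.41 beacon.example.net 443
"""

# Assumption: conventional IRC ports (plaintext and TLS). A botnet can use any
# port, which is why the timing check below does not depend on the port.
IRC_PORTS = set(range(6665, 6670)) | {6697}

def parse(log):
    """Yield (timestamp, src_ip, dst_fqdn, dst_port) from each log line."""
    for line in log.splitlines():
        ts, src, dst, port = line.split()
        yield int(ts), src, dst, int(port)

def find_suspects(log, min_conns=4, max_jitter=0.1):
    """Return {(src, dst, port): [reasons]} for suspicious outbound flows."""
    flows = defaultdict(list)
    for ts, src, dst, port in parse(log):
        if ipaddress.ip_address(src).is_private:  # inside host calling out
            flows[(src, dst, port)].append(ts)
    findings = {}
    for (src, dst, port), times in flows.items():
        reasons = []
        if port in IRC_PORTS:
            reasons.append("irc-port")
        gaps = [b - a for a, b in zip(times, times[1:])]
        # Regular check-ins: enough connections with near-constant spacing.
        if len(times) >= min_conns and pstdev(gaps) <= max_jitter * mean(gaps):
            reasons.append("regular-beacon")
        if reasons:
            findings[(src, dst, port)] = reasons
    return findings
```

On the sample log this reports the host using port 6667 and also the host that checks in roughly every 300 seconds over port 443, which a port-only rule would miss.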

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 License.

Last modified: Tuesday, November 17, 2020, 10:36 PM