
Welcome to the world of botnets

It's dress-down Friday at Sunbelt Software's Clearwater, Fla., headquarters. In a bland cubicle on the 12th floor, Eric Sites stares at the screen of a "dirty box," a Microsoft Windows machine infected with the self-replicating Wootbot network worm. Within seconds, there is a significant spike in CPU usage as the infected computer starts scanning the network, looking for vulnerable hosts.

In a cubicle across the hall, Patrick Jordan's unpatched test machine is hit by the worm, prompting a chuckle from the veteran spyware researcher. Almost simultaneously, the contaminated machine connects to an IRC (Internet Relay Chat) server and joins a channel to receive commands, which resemble strings of gibberish, from an unknown attacker.

"Welcome to the world of botnets," said Sites, vice president of research and development at Sunbelt, a company that sells anti-spam and anti-spyware software. "Basically, this machine is now owned by a criminal. It's now sitting there in the channel, saying 'I'm here, ready to accept commands,'" Sites explained.

A botnet is a collection of broadband-enabled PCs, hijacked during virus and worm attacks and seeded with software that connects back to a server to receive communications from a remote attacker. And these botnets are everywhere. According to statistics released by Symantec, an average of 57,000 active bots was observed per day over the first six months of 2006.
