Zombies, Botnets, Oh My!

Filed under: Blog by Dr. David Johnson on June 8th, 2009

A botnet is a network of compromised computers that can be remotely controlled by an attacker. The individual computers are sometimes called zombies.

Hackers infect computers, usually via email or websites, and group them together under their control to send illegal spam, carry out attacks on web sites, or propagate viruses.

It’s usually quite difficult to track down the owners or operators of the botnets, who are sometimes called Botmasters. A disturbing trend is an increasing use of botnets in extortion schemes. How? Imagine someone sending you messages to either pay up or see your web site crash.

Botnets can consist of hundreds of thousands of compromised machines. Such large networks can be used in Distributed Denial-of-Service (DDoS) attacks. These attacks seek to make websites unusable, as servers are inundated with targeted bogus traffic. The affected web sites are made to appear offline.
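An added example, not part of the original post: the sketch below shows why a per-source rate limit alone does not notice a flood spread across many zombies, while the total request volume and the number of distinct sources do. The traffic, thresholds and function names are all constructed for illustration.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed (epoch_second, source_ip) request events; not real traffic."""
    events = []
    # Minute 0, normal load: 20 clients sending 3 requests each.
    for i in range(20):
        events += [(s, f"198.51.100.{i}") for s in (5, 25, 45)]
    # Minute 1, flood: 600 zombies sending only 2 requests each.
    for i in range(600):
        events += [(60 + s, f"10.{i // 250}.{i % 250}.7") for s in (10, 40)]
    return events

def summarize(events, window=60):
    """Group requests into fixed windows and report volume and source spread."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // window][ip] += 1
    summary = {}
    for w, per_ip in sorted(buckets.items()):
        summary[w] = {
            "total": sum(per_ip.values()),
            "sources": len(per_ip),
            "max_per_source": max(per_ip.values()),
        }
    return summary

def flag_windows(summary, per_ip_limit=10, baseline_total=100, factor=5):
    """Compare a per-source limit with an aggregate check (assumed thresholds)."""
    flags = {}
    for w, s in summary.items():
        flags[w] = {
            # Fires only when one address is unusually busy.
            "per_ip_alarm": s["max_per_source"] > per_ip_limit,
            # Fires when the whole window far exceeds the assumed baseline.
            "aggregate_alarm": s["total"] > factor * baseline_total,
        }
    return flags

if __name__ == "__main__":
    summary = summarize(build_sample())
    for w, f in flag_windows(summary).items():
        print(w, summary[w], f)
```

In the flood window every source stays well under the per-source limit, so only the aggregate check raises an alarm.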

Some security researchers are using Honeypots to combat botnets. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break into or use the system.

Hobbyists can run a Honeypot, but it must be exposed to the Internet, so it usually cannot sit behind an effective firewall. Routers for small offices often have a “DMZ” setting that allows a Honeypot to be deployed even in a small network.

A great site for more information on this topic is The Honeynet Project (http://project.honeynet.org), which describes its objective as “To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”

2 Responses to “Zombies, Botnets, Oh My!”

  1. Why isn’t this working for me?!

  2. John, thanks for taking the time to post a comment on my blog at
    http://fortressdataprotection.com/blog-article-1
    You asked “Why isn’t this working for me?!” and I’m not sure what
    you are referring to, but maybe it’s that your comment wasn’t showing
    up immediately. There’s a reason for that! I had the comments set to
    require approval first, before showing up!
    I’m looking into changing the settings to allow immediate comments
    but that will depend on the effectiveness of the anti-spam module for the
    blog.
    Best wishes to you for a great 2010!
    Dr. David
