Printer Friendly

Spot the bot.

A "bot" is a small software program that is often used on Internet Relay Chat (IRC) channels to gather information or interact with human users. Some bots on IRC are used by hackers to control "botnets," or a series of tens of thousands of compromised computers, according to Know Your Enemy: Tracking Botnets, a paper from The Honeynet Project & Research Alliance.


Botnets pose a huge threat because they can be used to launch distributed denial-of-service (DDoS) attacks on any chosen target. The paper explains that even a "relatively small botnet with only 1,000 bots" can carry out an effective DDoS attack because home PCs have enough combined bandwidth to overwhelm "the Internet connection of most corporate systems."

Botnets can also be used to facilitate spamming and to sniff traffic to look for clear-text data that passes by a compromised machine. In addition, they can be programmed to carry out keylogging, to attack other IRC channels, and to perform other malicious behavior.

The Honeynet researchers used only three machines located in Germany to collect information on how bots work and how they are used to control botnets.

Once they learned the IP address of a botnet server or an IRC channel name and password from the captured packets, they could "connect to the botnet and observe all the commands issued by the hacker." They even were able to see botnet owners discussing their networks, and learned that "even unskilled people can run and leverage a botnet."

Some of the paper becomes highly technical, with demonstrations of IRC commands used to launch a DDoS attack. But it also provides an excellent overview of different types of bots and the variety of threats they pose to corporate networks, valuable information for security pros to know.

@ The Honeynet Project's paper is available through SM Online.
COPYRIGHT 2005 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Tech Talk; botnets
Author:Piazza, Peter
Publication:Security Management
Article Type:Brief Article
Date:Jul 1, 2005
Previous Article:Wireless assessments.
Next Article:Defining moments.

Related Articles
UK tops league of top bot countries.
I, Bot: new computer worms are carrying software agents called bots that can use your network to send spam, launch attacks, and infect other...

Terms of use | Copyright © 2018 Farlex, Inc. | Feedback | For webmasters