What is a Botnet?
Well, in a nutshell, a Botnet is a internetworked series of computers which are running distributed software.
The more notorious form of Botnet (and the topic of this post) typically infects other computers using a variety of attacks and vulnerabilities, increasing their overall size and computing power. You might hear the term “zombie computer” associated with a malicious Botnet – this is accredited to an unwilling participant (computer) in a Botnet, controlled remotely.
Tell me more
As you might know, there has been a massive increase in the scale and complexity of Botnets over the past few years. Recently, Microsoft Security has published a fairly comprehensive report on the nature of Botnets and also how to defend your IT assets from becoming part of a Botnet.
More on the report published by Microsoft:
“This is the first time that Microsoft has released this depth of intelligence on botnets. Over the years, there have been plenty of industry security reports published on botnets, but this report is based on data from 600 million systems worldwide and some of the busiest online services on the Internet like Bing and Hotmail. Microsoft cleaned botnet infections from6.5 million systems in just 90 days in 2010-helping to free the owners of those systems who, unwittingly and unknowingly, were potentially being used by cyber criminals to perpetrate cybercrimes.“
This is not just a high level report for the casual IT professional; it contains much more and is worth setting aside some time to review. There is a section dedicated to some suggested ways to fight back against Botnets including detection, analysis and even a section on honeypots and darknets (of which this author has a decent amount of knowedge, I might add).
If you have anything to do with network security, distributed software on the Internet this is one report worth the read.