Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
A Botnet by Any Other Name
Gunter Ollmann, 2009-05-01

The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown — and currently unnamed — botnet consisting of some 1.9 million malicious agents.

Comments Mode:
A Botnet by Any Other Name 2009-05-19
Liran chen (1 replies)
Re: A Botnet by Any Other Name 2009-05-29
Shane Coursen
A Botnet by Any Other Name 2009-06-12
Anonymous
A Botnet by Any Other Name 2009-06-12
BotBlaster
After years of helping administrators of many servers fight off bots that have been planted on their servers, I have come to the conclusion that the U.S. governemnt (from my personal experience) has no understanding of how widespread botnets are. We cannot act as if this is a new technology, it has been happening for years now. I myself have done much analysis on these bots when these servers get compromised which usually ends up with me in an IRC chatroom with several hundred bots and a controller or two trying to find out just what their purpose is. usually my visit ends with the botherders attacking my connection with floods and bringing me down for an hour or so. Almost NONE of the major IRC networks take botnets seriously and you can find huge botnets hanging out on almost every one. At one time and I have't been there in a while, ICQ's network was plastered with rooms full of botnets. As recently as a month or so ago I was in a private IRC server that was running on odd ports in Brazil, which happens to be the second time in the last year I have talked with botherders from Brazil. It's not worth the bother to contact the FBI or any authorities I have yet in several years and several cases seen them do anything about these botnets or even display any kind of concern. There is other concern too as a few years ago we were watching gigantic botnets in North Korea and other far eastern countries trying to figure out what their plans were and our assumption was these had to be government controlled or government sponsored as if they were gearing up for cyber war. Nobody is taking this as seriously as it really should be right now and eventually something VERY BAD is going to happen because of it, this is not an ignore it and it will go away type of thing, it is growing in size, growing in power and eventually somebody is going to build one that takes down or destroy some very important things or in a worst case scenario gather some very sensitive data that will be used to cause mass destruction.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/501/35481#35481




 

Privacy Statement
Copyright 2009, SecurityFocus