'Botnets' Taking Control Away From Users, Enterprises
These software robots are letting the bad guys use networks of thousands of Internet-connected computers to do their bidding. So how do we stop 'em?
March 25, 2005
The botnets, which can consist of up to 50,000 machines under a common control, can be used for distributed denial-of-services attacks, spam generation, traffic sniffing and keylogging, installing browser helper objects, identity theft, or manipulating the results of online games or ad tracking. For the corporate network, the main impact is on bandwidth, because botnets generate high levels of traffic in TCP, UDP and IRC protocols. There are now hundreds of botnet application variants using your enterprise's computing and networking resources, according to antivirus software vendors.
The HoneyNet Project describes how "Honey Nets" can be set up to watch the 'bots at work, and how to defend against them. The two prime defenses are solid firewall rules and user training that stresses safe computing practices. Visits to unknown sites and opening unexpected attachments are no-nos--unless you like the idea of giving your bandwidth to the 'bots.
Read more about:
2005You May Also Like