|
|
BotNets the Killer Web Applications
Throughout 2006, technical security conferences have been discussing the latest “killer Web app.” Unfortunately, this Web technology works for the bad guys. With funding from organized crime and spam lords, a generation of talented hackers without morals has created a devastating arsenal of deadly toys, in the form of botnets. Norman Elton and Matt Keel from the College of William & Mary in the 2005 presentation “Who Owns Your Network?” called bot networks “the single greatest threat facing humanity.”This may be an exaggeration, but Botnets are arguably the biggest threat that the Internet community has faced. John Canavan, in a whitepaper titled “The Evolution of Malicious IRC Bots,” says that Botnets are “the most dangerous and widespread Win32 viral threat.”According to the cover of eWEEK magazine for October 16, 2006, we are “Losing the Botnet War.”The article by Ryan Naraine titled “Is the Botnet Battle Already Lost?” describes the current state of the Botnet environment: Botnets are “the key hub for well-organized crime rings around the globe, using stolen bandwidth from drone zombies to make money from nefarious Internet activity.” (for more information, go to www.eweek.com/article2/0,1895,2029720,00.asp.) By contrast the security response is in its infancy with several vendors releasing version 1 of botnet-related products. Badly needed intelligence information is locked away with only the slightest means of communicating it to the security professionals that need it.There isn’t any such thing as an information security professional security clearance. One vendor told us that the quality of their product depends on the quality of their intelligence sources and then went on to say that they could give us no information that could vouch for the quality of their intelligence sources.
Our early weapon against botnets involved removing the bot server, the strategy of “removing the head of the serpent.” Recent articles about the state of the security profession response to botnets have lamented the discovery that we are not fighting a snake, but rather, a hydra. It has not one head but many and cutting off one spawns two to replace it. Much has been made of the loss of this weapon by the press. In the article, several security professionals admit that the battle is lost. In real warfare, generals must battle the enemy, but just as important, they must battle against the loss of morale. Many of the security professionals who pioneered the fight against botnets are demoralized by the realization that taking out the Command and Control (C&C) server is no longer as effective as it once was. Imagine how the first invading army that encountered a castle felt. Imagine the castle owner’s reaction upon the invention of the siege tower, catapult, or mortar.Yet, in the years following the introduction of each of these weapons, castle design changed. A single wall surrounding the castle became a series of walls.The rectangular castle shape gave way to irregular shapes intended to deflect instead of stopping enemy weapons.The loss of a major weapon doesn’t mean the loss of the war unless the general lets morale plummet and does not evolve to meet the new environment.
This book will attempt to add new soldiers and new weapons to the battle. In doing so, the authors hope to stem the tide of lost morale and help security professionals regain focus. It is necessary to lay a foundation for deeper discussions.
This chapter describes the current state and how we got to this place.We come from many levels and as such we must start from the very beginning. What is a botnet? In its simplest form, it is an army of compromised computers that take orders from a botherder.A botherder is an immoral hacker who uses the botnet for financial gain or as a weapon against others.
Download Link
All rights reserved. All other trademarks appearing on on this site are the property of their respective owners. We don't store any files on this server, we just index the link from the other website.
|
|
|
|
