Check other parts here:
- Know Your Enemy
- Types of Network Damage
- Why in the heck do I get attacked?
- Malware Part 1
- Malware Part 2
- Malware Part 3
- Botnets Part 1
In part two of this course, we will be talking about the types of attack that can be done from an infected computer with a bot.
Types of attacks
Distributed Denial of Service DDoS is the most common one, where the whole Zombie army will try to bring a published service down by sending millions of requests using Ping of Death, or using ICMP through a reflector (Smurf Attack).
Another technique would be something called (Teardrop) where bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result
Mailbomb on the other side is when bots send a massive amount of e-mail, crashing e-mail servers.
Botmasters nowadays will rent their Zombie army to another people for certain amount of money to send spam emails and advertisements or even to do DDoS attacks.
Even worse, botmasters may use botnet to perform some phishing attacks or install key logging programs to steal your credit card information and passwords.
One of the most interesting usage of botnet is to play with internet poll results or performing Click Fraud. Click Fraud refers to the practice of setting up a botnet to repeatedly click on a particular link. Sometimes, crackers will commit Click Fraud by targeting advertisers on their own Web sites. Since Web advertisers usually pay sites a certain amount of money for the number of clicks an ad gets, the botmaster could stand to earn quite a few dollars from fraudulent site visits.
It becomes way dangerous when it comes to Identity theft or unknowingly participate in an attack on an important Web site
How to prevent your computer from becoming one
Prevention is the name of the game here, below you can find some tips to prevent your computers from being a bot:
- Implement a good Antivirus.
- Keep your systems patched all the time.
- Implement a strong firewall.
- Deploy very complex passwords that are hard to guess.
- Do not open emails or attachments from people you do not trust.
Sadly, if your computer is already a bot, your options are minimum. Your best shot is to erase everything and format the box.
Check out this YouTube link http://www.youtube.com/watch?v=RTCpCy_FFXc