Security Academy – Course 105 : Botnets Part 2

Check other parts here:

In part two of this course, we will be talking about the types of attack that can be done from an infected computer with a bot.

Types of attacks

Distributed Denial of Service DDoS is the most common one, where the whole Zombie army will try to bring a published service down by sending millions of requests using Ping of Death, or using ICMP through a reflector (Smurf Attack).

Another technique would be something called (Teardrop) where bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result

Mailbomb on the other side is when bots send a massive amount of e-mail, crashing e-mail servers.

Botmasters nowadays will rent their Zombie army to another people for certain amount of money to send spam emails and advertisements or even to do DDoS attacks.

Even worse, botmasters may use botnet to perform some phishing attacks or install key logging programs to steal your credit card information and passwords.

One of the most interesting usage of botnet is to play with internet poll results or performing Click Fraud. Click Fraud refers to the practice of setting up a botnet to repeatedly click on a particular link. Sometimes, crackers will commit Click Fraud by targeting advertisers on their own Web sites. Since Web advertisers usually pay sites a certain amount of money for the number of clicks an ad gets, the botmaster could stand to earn quite a few dollars from fraudulent site visits.

It becomes way dangerous when it comes to Identity theft or unknowingly participate in an attack on an important Web site

How to prevent your computer from becoming one

Prevention is the name of the game here, below you can find some tips to prevent your computers from being a bot:

  • Implement a good Antivirus.
  • Keep your systems patched all the time.
  • Implement a strong firewall.
  • Deploy very complex passwords that are hard to guess.
  • Do not open emails or attachments from people you do not trust.

Sadly, if your computer is already a bot, your options are minimum. Your best shot is to erase everything and format the box.

Check out this YouTube link http://www.youtube.com/watch?v=RTCpCy_FFXc

7 comments on “Security Academy – Course 105 : Botnets Part 2

  1. Pingback: Security Academy – Course 101: Know Your Enemy | Ammar Hasayen - Blog

  2. Pingback: Security Academy – Course 102: Types of Network Damage | Ammar Hasayen - Blog

  3. Pingback: Security Academy – Course 103 : Why in the heck do I get attacked? | Ammar Hasayen - Blog

  4. Pingback: Security Academy – Course 104 : Malware Part 1 | Ammar Hasayen - Blog

  5. Pingback: Security Academy – Course 104 : Malware Part 2 | Ammar Hasayen - Blog

  6. Pingback: Security Academy – Course 104 : Malware Part 3 | Ammar Hasayen - Blog

  7. Pingback: Security Academy – Course 105 : Botnets Part 1 | Ammar Hasayen - Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s