Overview What is a BotNet? Internet Relay Chat How to become part of a BotNet? What damage can they do? How to combat...
What is BotNet? Bot or Zombie computer.             Programs which respond autonomously to       particular external even...
Types of Bots Some popular Bots :   GT-Bot       Global Threat bot based on IRC clients for window.       Used to cont...
Types of Bots  DSNX      Dataspy Network X bot      Written in C++      New functionality to this bot is very easy and...
Internet Relay Chat IRC stands for Internet Relay Chat. Protocol for real time chat communication. Based on Client-Serv...
Structure of BotNet
Elements of An AttaCk An attacker first spreads a trojan horse, which infects  various hosts. These hosts become zombies ...
How to become part ofBotNet Trojans       Spread by social engineering (Spam, Software Download)       email attachment...
What damage can they do?1. DDoS       Victim is flooded with more request than it can        handle.       used to damag...
   Fraud      Pay per click adware     Harvest large number of Bots to spread adware     Collect Banking details, selling...
How to Combat them? Firewalls/AV Desktop management Education Secure OS Law enforcement       National high tech cri...
How to Combat them? Netstat       Flexible tool available both for Windows and UNIX systems.       Its main function is...
Questions ? & Summary   Botnets        What they are        How they grow        What they do        How to combat
Botnet
Botnet
Upcoming SlideShare
Loading in …5
×

Botnet

966 views
890 views

Published on

Presentaton based on BotNet.which is the network of bots

Published in: Technology
2 Comments
1 Like
Statistics
Notes
No Downloads
Views
Total views
966
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
82
Comments
2
Likes
1
Embeds 0
No embeds

No notes for slide

Botnet

  1. 1. Overview What is a BotNet? Internet Relay Chat How to become part of a BotNet? What damage can they do? How to combat them?
  2. 2. What is BotNet? Bot or Zombie computer. Programs which respond autonomously to particular external events are bots. Network of Bots is BotNet. Operator giving instructions to only a small number of machines. These machines then propagate the instructions to other compromised machines, usually via IRC.
  3. 3. Types of Bots Some popular Bots :  GT-Bot  Global Threat bot based on IRC clients for window.  Used to control the activity of the remote system.  AgoBot  Most popular bots used by crackers.  It is written in C++  It provides many mechanisms to hide its presence on the host computer
  4. 4. Types of Bots  DSNX  Dataspy Network X bot  Written in C++  New functionality to this bot is very easy and its simple plug–in architecture.  SDBot  Written in C  Unlike Agobot, its code is not very clear and the software itself comes with a limited set of features
  5. 5. Internet Relay Chat IRC stands for Internet Relay Chat. Protocol for real time chat communication. Based on Client-Server Architecture. IRC user communication mode  Public  Private. Flexible & allow user to hide identity.
  6. 6. Structure of BotNet
  7. 7. Elements of An AttaCk An attacker first spreads a trojan horse, which infects various hosts. These hosts become zombies and connect to the IRC server in order to listen to further commands. The IRC server can either be a public machine in one of the IRC networks or a dedicated server installed by the attacker on one of the compromised hosts. Bots run on compromised computers, forming a botnet.
  8. 8. How to become part ofBotNet Trojans  Spread by social engineering (Spam, Software Download)  email attachment  SMTP engine Direct infection  Scan and exploit (Blaster…) Exploit  Spread by social engineering (Phishing)  Bad luck (visit the wrong site…)
  9. 9. What damage can they do?1. DDoS  Victim is flooded with more request than it can handle.  used to damage or take down a competitor’s website. Example:  On-line gambling sites (e.g. Total bet)  Anti DDoS by utilising widely distributed DNS and Hosting servers  Hit by DDoS towards their DNS, affected 4% of their customers
  10. 10.  Fraud Pay per click adware Harvest large number of Bots to spread adware Collect Banking details, selling credit card numbers by the thousand Identity Theft ($25 up to $200 for identity with a good credit record) Use of resources Proxy Spam DDoS
  11. 11. How to Combat them? Firewalls/AV Desktop management Education Secure OS Law enforcement  National high tech crime unit  FBI
  12. 12. How to Combat them? Netstat  Flexible tool available both for Windows and UNIX systems.  Its main function is control of the active ports  Netstat examines listening TCP and UDP ports.  Provides detailed information on network activity.
  13. 13. Questions ? & Summary Botnets  What they are  How they grow  What they do  How to combat

×