A botnet is a collection of infected computers remotely controlled by a hacker. The hacker infects computers with malicious software that allows them to communicate with a central command and control server over the internet. From this server, the hacker can send commands anonymously to the infected computers, which will then execute tasks without the owners' knowledge. To prevent infection, users should keep software updated, use firewalls, and avoid clicking links in suspicious emails.

1.  What is a botnet?
 How do they work?
 Solution
1

2.  A botnet is a collection of infected computers
that are remotely controlled by a hacker
 Once a computer is infected with malicious
software (bot), the hacker can control the
computer remotely over the Internet. From
then on, the computer is a zombie, doing the
bidding of the hacker, although the user is
completely unaware. Collectively, such
computers are called a botnet
2

3. 1. hacker infected victims with bot
hacker victim
C&C server
3

4. 2.bot connects to the C&C
server using HTTP,IRC or
other protocol
victim
C&C server
Hacker
4

5. 3.Botmaster sends
commands
through C&C server to
zombie
hacker victim
C&C server
5

6. 4.Repeat these process and
Hacker have bot army to
Control from a single point
hacker
Victims, zombies
C&C server
6

7.  Keep up-to-date with security patches Hackers
frequently exploit vulnerabilities in operating systems and
programs
 Use firewalls A network firewall is installed at your
organization’s boundary and admits only authorized types
of traffic
 Don’t follow links in unexpected emails Links in
unexpected emails can take you to bogus websites
7