Sunday, April 18, 2010

Network hacking



Webs’ biggest threat: Botnets

                              By Abir Atarthy


Introduction






Botnets are quickly becoming a growing threat to computer users due to their inconspicuous and diverse methods of taking over computers. Millions of computers around the world are believed to be compromised and the numbers continue to grow. It is important understand this threat and how to avoid it. Are you sure that there is no malicious Bot hiding in your computer??? So carry on with this article to check whether your PC had been infected with Bots.






If you like this article then  please pass your comments. Stay secure and Cheers!
 Q: What's a bot?
A: A bot is a malicious program which has several purposes. 
They are usually told what to do by a botnet admin although many of the features now are automated.



Q: What's a botnet?
A: A botnet is a network of infected computers that all connect to one area where they are commanded by the botnet admin.



Q: What can a bot do?
A: Usual features of a bot include...
  • P2P Spreading (Limewire, uTorrent, etc.)
  • IM Spreading (Sends to contacts on MSN, AIM, etc.)
  • DDoS attacking (See "what's a DDoS attack?")
  • Spam mailing to lists of emails (Often used to spread)
  • Collecting personal information (Passwords, bank details and the like)

Q: How are bots told what to do?
A: Bots are usually commanded through an IRC channel by the user. Commands are built in and the bots listen for them.



Q. Why Bots are used?

A. Bots were originally designed to help transmit spam. Since their creation, they have been modified to engage in illegal activities as well.



Botnets are commonly used for:
  • DDoS (distributed denial of service) attacks
    DDoS attacks attempt to overload a site in order to disrupt business by creating a loss of connectivity or connection bandwidth.Read my previous article "Denial of service attack" for details.
  • Click-fraud
    Certain advertising firms pay website hosts a small fee every time an ad of theirs is clicked on. Some botnets take advantage of this by having computers access the site repeatedly in order to fraudulently obtain payment from the advertiser.
  • Phishing campaigns
    These are used to harvest email addresses. Zombies within a botnet are used to send out spam and
    phishing email in order to collect addresses to add to their spamming lists.
  • Keylogging
    Software is installed that records keyboard activity that is send back to the botnet. Keylogging programs to try to gain your personal information, such as usernames, passwords and credit cards.
  • Host malicious web sites
    Botnets can use home computers to create malicious websites that download malware when accessed.






Q.  How does your computer become a  Bot?
A.  Home computers that have security vulnerabilities are prime targets for botnets. Spammers scan the Internet looking for computers that are unprotected and use these “open-doors” to install malicious software. Another tactic is through phishing or spam emails that contain links or attachments. When clicked-on or opened, malware is then installed on the machine. Furthermore, visiting certain websites can result in malicious software being installed. This malicious software may cause your computer to run slower, your ISP (Internet Service Provider) to shut down your account for spamming, or you becoming a victim of identity theft.



Q.  What are the warning signs?
A. Your computer may be part of a botnet if:



  • Your computer suddenly starts operating slowly or erratically
  • You receive emails accusing you of sending spam
  • You have email messages in your outbox that you didn’t send

Q. How to protect yourself?
A. To prevent your computer from becoming infected:



  • Use up-to-date anti-virus and anti-spyware software
    Look for software that removes viruses and updates itself automatically on a daily basis. Be wary of ads on the Internet offering spyware software, as this might be a ploy to get you to download malicious code.
  • Set your operating system software to download and install security patches automatically
    These security patches released monthly by Microsoft help fix any flaws companies find in their operating system which in turn helps to give your computer the latest protection.
  • Insure that your firewall is turned on
    Firewalls are designed to prevent hackers from accessing your computer by making you invisible on the Internet. They help to block incoming communications from unauthorized sources. Many operating systems like Windows and Mac OS X have built-in firewalls however you may need to check to see if it is enabled. Routers have hardware firewalls. It is especially important to have your firewall enabled if you have a broadband connection because the connection is always open. For more information see
        http://hackingheart.blogspot.com


  • Be cautious about opening any attachments, or downloading any files from emails you receive
    Even if the email is from a friend or co-worker, be careful about what you choose to open since their computer could be compromised. If you send an email attachment, explain in the email what the attachment is.
  • Be careful what you download from the Web
    Only visit sites you trust. It is recommended that you use a web browser that has security features or use a program like 
    SiteAdvisor that checks the status of websites to insure that they are safe to visit and use.

4 comments:

  1. Hi!
    Khub bhalo article.
    But i was expecting much more like Botnet tools etc.

    ReplyDelete
  2. Hi,this is Tanaya Karmakar .This article is good and easy to understand for the startups

    ReplyDelete
  3. Thanks to both of u.
    Regd Botnet tools i will discuss in some other article.

    ReplyDelete
  4. well i used some game bots for auto playing of online games and used scar (color bot)a bit but i am bit more interested on the way the bots can be remotely commanded on IRC channel

    by cyber_alchemist

    ReplyDelete