This article is designed to explain botnets, give an example of usage, and provide some good examples. [What] A botnet is a group of computers or servers all compromised with the same backdoor. The interesting thing about botnets is that these backdoors often have the ability to interact with other members of the botnet, and can also be controlled by the botnets owner. This can result in a single command, e.g. DDoS Microsoft.com, to flow down a chain of command in an instant, telling each member of the botnet to follow it. They also often leave backdoors accessible to the botnet user, and some even have built-in protocols for updating themselves. There are multiple chains of command that have been used in botnets, and these are: P2P botnets, using these a command can be sent by the hacker to a single member of the botnet, and this single botnet will pass the command on to a handful of other members, which will carry on the chain and so on and so forth. the advantages of this are you cannot stop the botnet by taking out one member, but you would have to block the botnet completely. The problem is it is easy for individual bots to become separated from the rest of the net, usually resulting in being fixed. Heirarchial botnets, which have different members assigned “ranks” in the command chain and are given specific bots to manage. Using this, the hacker might send a command to 4 different bots, which each pass the message on to 100, which each pass it on to 100. The problem with these is that the botnet can be shut down by removing the hack from one of the higher-up bots. The good thing about these is they can be very easily automated, and can pass reports of the computers up the chain as well as pass exploit upgrades down. and single server bots, which all take their commands from one computer, these are very easy to make but are near enough useless. Botnets can be propagated by the hacker themselves, eg whenever they root a server or trojan a computer they add their program in too, run it and that computer becomes a bot. Another way is by mimicing worms and spreading through emails, p2p or instant messaging. Be imaginative, there are many ways of propagating that havent been tried yet. [usage] I will give an example of how a p2p botnet would be structured. The bots propagation method is by exploiting a flaw in the security system of linux, and uses it to get root access. The bot has a p2p structure, and can pass patches down the chain as well as commands. The bot is automated by adding any computers it hacks to its own list of child bots(ones under its own command), and runs a check similar to ping to test if the net is up on the child before sending commands/patches. [Famous Examples] The storm worm: This is an email-spread worm that takes over windows machines and injects a driver into the windows kernel to keep root. It currently has control of between 1- and 10- million windows machines around the world. It is extremely flexible, and has avoided gaining a signature for a massive amount of time. There are many of examples on wikipedia of these, and google yields some interesting results. |
Botnet : What Is It?
0
comments
vic
-
Sponsor
Cyber Security, News & Support, and Technology. Follow Us, Stay Connected and Be Safe.
Share It With Friends
Blog Archive
-
▼
2011
(609)
-
▼
November
(100)
- HACK FACEBOOK PASSWORD OR ACCOUNTS REMOTELY
- SQL Injection - Basics : HOw To
- 25 Worst Passwords of 2011 [STUDY]
- HOW TO: Protect Your Company’s Passwords
- 5 Tools for Keeping Track of Your Passwords
- Create a Google+ Fan Page - Latest feature on G+
- The Dirty Details of Facebook's Porn Attack
- Facebook currently has 4 VIRUSES:
- PLAY WITH CD DRIVE ***
- How to fool a Keylogger
- Making ur XP Genuine Windows Genuine Advantage Val...
- 1000 Hacking Tutorials Downloadable
- 36 Graphics & Design Ebooks
- 10 Fast and Free Security Enhancements
- 100+ Tech Ebooks
- Format a HDD with notepad
- Here is a list of 50+ FTP sites that will allow yo...
- Converting Large Size(4.7GB) to small size(100MB)
- Unable to build kernel module bug fixes in Vmware ...
- 10 things to do after installing Ubuntu 11.10
- How to install Cpanel on virtual private server VPS
- How to download Youtube Videos in Ubuntu 11.10
- HACKING WITH BEAST TROJEN
- HACKING WIFI WITH SIMPLE COMMANDS
- TRACE PHISHING HACKING
- HACK TO RUN PS2 GAMES ON PC
- PHISHING EXPLOITS
- SQL INJECTION TUTORIAL
- BREAK XP ADMIN PASSWORD
- RECOVER WINDOWS PASSWORD
- HACKING WINDOWS PASSWORD
- Windows 7 Cheat List
- Blocking Ultrasurf with a Sonicwall Application Fi...
- PLAY PS3 GAMES ON YOUR PC
- Botnet : What Is It?
- WEP Cracking( In Just 2 Minutes )
- Trace An Email weather its real or fake
- Remove shutdown from start menu
- Create Bad sectors on hard disks
- Hacking a website or its member section
- Hacking Video Tutorials
- (Reverse Engineering) Cracking Video Tutorials (ReUp)
- 5 TIPS TO SECURE WIFI NETWROK
- Microsoft ASP.net || 2008 Visual Basic College Cla...
- MAKE INVISIBLE XP ACCOUNT
- INSTALL XP WITH IN 10 MINUTESS
- How to hack web cam of Yahoo messenger
- How To Call Your Friends From THeir Own Cell Number".
- How to intrude in the PC which is shut downed at C...
- Oracle Hacking Tool Released
- HOW TO INSTALL GOOGLE CROME OPERATING SYSTEM
- ALL DOS COMMANDS
- Are Proxy Sites Safe
- How Linux boots
- How to hack/change your Windows XP Boot Screen
- How To Save Flash File from a Website
- Top 10 Facebook Hacks
- Android facial recognition based unlocking can be ...
- Burp Suite Pro v1.4.03 released - CSRF generator, ...
- Bizztrust : The Most Secure Android Phone
- myOpenID XSS : One of the Largest OpenID provider ...
- PwnieExpress : Pentesting suite for the Nokia N900
- Volatility 2.0 - Advanced Memory Forensics [With V...
- FOCA 3.0 - Network Infrastructure Mapping Tool Fre...
- The Hacker’s Choice releases SSL DOS Tool
- Duqu Analysis and Detection Tool by NSS Labs
- Cross Site Scripting Vulnerability in Speed Bit Se...
- w3af v.1.1 - Web Application Attack and Audit Fram...
- Burp Suite Pro v1.4.03 released - CSRF generator, ...
- Computerized Prison doors hacked with vulnerabilit...
- CrySyS Duqu Detector Open source Toolkit Released
- Possible Credit Card Theft in Steam Website Hacking
- Transform your windows 7 to Mac os X
- Reiluke Admin login Page Finder Tool + Tutorial Ho...
- MOBILE CHEAT STUFF FOR NOKIA PHONES
- HACK TO BYPASS TRIAL PERIOD EXPIRATION
- AUTOMATIC SEARCH CRACKS, SERIALS OR KEYGENS ON THE...
- HACKING OF VARIOUS SITES!!.. PREMIUM ACCOUNTS..!!....
- ACCESS DATA OF A PASSWORD PROTECTED USER IN WINDOW...
- AIRTEL GET 10 RS BAL. HACK TRICK
- HACK FACEBOOK PASSWORD OR ACCOUNTS REMOTELY(**AMAZ...
- UPDATE UR FACEBOOK STATUS 'VIA NASA SATELLITE'
- TURN ON YOUR PC IN JUST 15 SECONDS
- HOW TO CHAT WITH GOD ON INTERNET(REALLY SURPRIZING)
- HACK A WEBSITE USING REMOTE FILE INCLUSION
- MAKE PHISHER : PHISHING TUTORIAL FOR ANY WEBSITE |...
- 3 HACKS FOR FIREFOX THAT WILL DOUBLE YOUR INTERNET...
- HOW TO HACK / BYPASS CYBEROAM(BASIC)
- HOW TO DETECT KEYLOGGER ON YOUR SYSTEM AND UNINSTA...
- GIVE MATRIX DIGITAL EFFECT IN COMMAND PROMPT
- UNLOCKING NOKIA,LG,SAMSUNG,MOTOROLA & ALL MOBILE
- Drivers For CHINA MOBILES, PC SUITE & USB DRIVERS
- COPY AND PASTE MULTIPLE TEXT AT ONCE
- AIRTEL 2G/3G FREE AND FAST GPRS TRICK FOR MOBILE A...
- USE YOUR PEN DRIVE AS VIRTUAL OS
- A CLOSER LOOK AT A VULNERABILITY IN GMAIL
- HOW TO ACTIVATE AUTOREPLY TO INCOMING MAILS
- TRICK TO BYPASS GMAIL MOBILE VERIFICATION WHILE CR...
- FACEBOOK:NEW VULNERABILITY FOUND
- FREE EBOOK DOWNLOAD:COMPUTER VIRUSES FOR DUMMIES
-
▼
November
(100)
About Me
Tag Cloud
Admin Tools
(16)
Adobe
(1)
Adsense
(12)
Airtel Hacks
(1)
Android
(9)
Anonymous Hackers
(2)
Apple
(14)
Applications
(3)
ATM Machine
(1)
Backtrack
(3)
Batch Files
(1)
Blackberry
(1)
Blogger
(17)
Browsers
(1)
Bugs
(2)
Business
(1)
C source code
(2)
Camera Hack
(1)
Chat
(1)
Chrome Os
(1)
computer_tricks
(122)
Computing
(4)
Corporate
(9)
Cracks
(5)
Crimes
(2)
Cyber Attacks
(12)
Cyber Crimes
(4)
Cyber Security
(51)
Cyber Threat
(19)
cyber_news
(30)
Database Hacking
(8)
Defaced
(2)
Dos
(1)
Dos Commands
(1)
Dos Tricks
(2)
Downloads
(7)
E_Books
(8)
Easy Applications
(6)
Email Security
(1)
Emails
(2)
Encryption Tools
(2)
Entrepreneur
(3)
Ethical Hacking Tools
(53)
Ethical Hacking Tutorial
(134)
Ethical Hacking Videos'
(12)
examples
(5)
Exploit
(19)
Facebook
(36)
Fakes
(1)
Featured
(19)
Footprinting
(3)
Gadgets
(20)
Gadgets_news
(14)
games
(3)
Gmail
(5)
Google
(32)
Google Dorks
(2)
Google+
(17)
Hacked
(3)
Hackers
(16)
Hacking
(74)
Hacking News
(4)
Hacking Softwares
(139)
Hacking Techniques
(112)
Hacking Tools
(144)
Hacking_news
(45)
Hacking_terms
(38)
Hackng with Mobile
(4)
Internet_Tricks
(3)
Java-Script Hacks
(1)
Keyloggers
(2)
Keys
(1)
Laptops
(1)
Latest Mobile Phones
(3)
Lecture
(1)
Linux
(6)
Loophole
(10)
Making Applications
(1)
Metasploit
(1)
Mobile
(11)
Mobile Applications
(3)
Mobile_tricks
(15)
Network Security
(6)
news
(50)
Nokia
(2)
Notepad Hacks
(1)
Operating Systems
(11)
Oracle
(1)
Password Cracking
(9)
Pendrive
(3)
penetration testing
(32)
phase_hacking
(9)
phishing
(6)
Photoshop
(11)
Programs
(1)
Protection Tools
(17)
Proxy
(2)
Scripting
(1)
Secure Computing
(38)
Security Bleach
(5)
Seminars_Work Shops_Demo
(5)
SEO
(15)
shell
(2)
shortcuts
(2)
Social Networking
(6)
Software
(70)
source
(4)
source code
(4)
SQL Injection
(9)
System security
(30)
Techie
(4)
Technology
(5)
The Pirate Bay
(1)
Torrent
(1)
Touch
(5)
Ubuntu
(3)
Updates
(2)
Video Tutorials
(4)
Virus
(20)
Vulnerability scanner
(9)
Vulnerable
(11)
Web Security
(13)
Web Traffic
(1)
Wifi Cracking
(2)
Windows
(7)
Windows Xp Tricks
(4)
Wireless hacking
(7)
workshop
(2)
Workshops and Seminars
(2)
worms
(1)
Xss Attack
(2)
Yahoo Messenger
(1)