What are Botnets
and how to combat them?
Adding to the array of online threats, botnets are yet another serious threat to
your computer system. If you didn't know, or have never heard of botnets, here's a good analogue for it: "A botnet
is comparable to compulsory military service for windows boxes" - Stromberg
Network of hacker-infected computers
Botnets are networks of computers that hackers have infected and grouped together
under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to
What makes botnets exceedingly bad is the difficulty in tracing them back to their
creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes?
Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to
replay itself over and over again.
By infecting your computer with their spyware,
botnets can cause denial-of-service
problems to your computer, and even bring whole computer systems down.
Denial-of-service attacksBotnets can consist of thousands of
compromised machines. With such a large network, botnets can use Distributed denial-of-service (DDoS) as a method
to cause mayhem and chaos. For example a small botnet with only 500 bots can bring corporate web sites to there
knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web
site to appear offline.
Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior
manager for Symantec Security Response, in his article "Botnets shrinking in size, harder to trace", Hogan says
"extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of
computers for illegal purposes through advertisements on the Web."
Combat botnets with Honeypot
One well-known technique to combat botnets is a honeypot. Honeypots help discover
how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised
in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots
given the ease with which one can take over such systems.
A great site to read up on this topic more is The Honeynet Project
(http://project.honeynet.org) which describes its own site's objective as "To learn the tools, tactics and motives
involved in computer and network attacks, and share the lessons learned."
For more details on how to protect yourself while online, read our other article
- Online Security Rules.