Saturday, June 30, 2012

Botnets - How To Defeat The Zombie Army | AVG (AU/NZ) Blog

A botnet (or, as it is often known in security circles, a zombie army) is a collection of personal or business computers or devices that have been compromised by malware or hackers. Unbeknownst to their gentle users, these computers (or "bots") are then amassed into vast techno-armies for the purposes of forwarding further viruses or spam to other users, or to conduct large-scale cyber-terrorist attacks such as distributed denial of service (DDoS) or industrial click-fraud.

Botnets use a mixture of conventional malware attack vectors (drive-by exploits, cracked or illegal software, "free" pornography, etc.) and social engineering to gather fresh recruits. Botnet techniques are particularly insidious in that individual computers often continue to transmit data to their botnet commanders long after the user has detected and "removed" the initial malware. Once established, they will use well-known and trusted internet protocols such as HTTP (World Wide Web) and IRC (Internet Relay Chat) to keep in touch with their victims, and will employ a range of techniques to thwart conventional anti-virus software. AVG's malware researchers have worked with the wider security population to uncover botnets numbering as few as a couple of hundred zombies to botnets of up to several million!

So, how do you know if you've been compromised, and how do you prevent it?

How to spot a bot

Beware of sudden, unexpected changes to your online experience:

  • If your computer begins to behave erratically or run particularly slowly
  • If your friends and family begin to complain that you are sending them spam or malware, or if you have messages in your sent items that you didn't send
  • If your security software detects threats when you aren't even online
  • If your internet usage spikes unexpectedly or your ISP detects strange behaviour from your machine

All of these can be indicators that your computer has been compromised. If you think you are compromised, then we recommend that you run a fully featured Internet Security scan on your machine, or seek professional assistance. In many cases it is easier and more cost-effective to reinstall your operating system than it is to continue using a computer that is being controlled by a shady third party.

Apart from this, the old adage holds true - prevention is better than a cure:

Update your operating system

Botnets almost exclusively target the Microsoft Windows operating system, primarily because Windows has the lion's share of the home and business computer market and represents the biggest financial return for the bad guys. Microsoft works as hard as anyone to prevent its customers from being infected, so it is absolutely critical that you download the latest updates, including security patches, as and when they become available. Don't click the "remind me later" button every four hours (that's just lazy), and don't refuse to update your system because you are "happy with what you've got" (that's just naive and foolish).

Use a full internet security suite with behavioural analysis

Conventional anti-virus, whilst it may or may not be successful in fighting off the initial malware attack, is not sufficient to detect or prevent botnet behaviour once the computer has been compromised. Rather than having a piece of software which just scans your hard drive for known virus signatures, you need software which also scans active processes and launched software based on what they are trying to do. So, if a harmless and trusted web browser (such as Internet Explorer or Google Chrome) is behaving in a way that is not congruent with normal web behaviour, a full security suite can flag the communication as malicious and prevent it. AVG's unique Identity Protection software, available in AVG Internet Security, is one such behavioural analysis solution.

Use both a hardware and software firewall

Firewalls are another critical level of protection in the fight against the zombie army. Open ports are a botnet's best friend - Trojans and other malware left on compromised machines will keep specific ports open for the purposes of command and control. Unfortunately, the Windows Firewall is often not sufficient protection - you need a flexible, two-way firewall that can block both application-based and system-based communication on the way out as well as on the way in. If you're a home user, you should also use a hardware firewall, which is included as a standard feature with most of today's modems and routers. If you are directly connected to the internet, with no hardware or software firewall between you and the bad guys, you are effectively at their mercy regardless of any other security software you run.
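To make the open-port point concrete, here is an added example (not from the original post) that reviews Windows `netstat -ano` output for listening ports you did not expect and for established connections to conventional IRC ports. The sample output, the allow-list of expected listeners and the function name `review` are assumptions made for illustration.

```python
import re

# Constructed sample of Windows `netstat -ano` output (illustrative only).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       2960
  TCP    192.168.1.20:49712     203.0.113.7:6667       ESTABLISHED     2960
  TCP    192.168.1.20:49720     198.51.100.4:443       ESTABLISHED     5120
  TCP    [::]:445               [::]:0                 LISTENING       4
"""

# Assumption: the only ports this machine is meant to listen on.
EXPECTED_LISTENERS = {135, 445}
# Ports conventionally used by IRC (plain text 6660-6669, TLS 6697).
IRC_PORTS = set(range(6660, 6670)) | {6697}

# One TCP row: local addr:port, foreign addr:port, state, owning PID.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\w+)\s+(\d+)\s*$")


def review(netstat_text, expected=EXPECTED_LISTENERS):
    """Return findings as (kind, detail, pid) tuples, in input order."""
    findings = []
    for line in netstat_text.splitlines():
        match = ROW.match(line)
        if not match:
            continue  # header, UDP rows, blank lines
        _laddr, lport, raddr, rport, state, pid = match.groups()
        lport, rport, pid = int(lport), int(rport), int(pid)
        if state == "LISTENING" and lport not in expected:
            # A port held open that nobody asked for: find out which
            # program owns the PID before trusting the machine.
            findings.append(("unexpected-listener", lport, pid))
        elif state == "ESTABLISHED" and rport in IRC_PORTS:
            # Outbound IRC from a machine with no IRC client installed.
            findings.append(("outbound-irc", f"{raddr}:{rport}", pid))
    return findings


if __name__ == "__main__":
    for kind, detail, pid in review(SAMPLE):
        print(f"{kind}: {detail} (PID {pid})")
```

A port check like this will not notice command-and-control traffic carried over HTTP, which is why the outbound filtering and behavioural analysis described in this post still matter.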

Control your behaviour

Finally, it is critical that you don't lose sight of the fact that the online world, with all its bright lights and apparent anonymity, is just as dangerous as any other (if not more so). It only takes one visit to a dodgy site or one piece of illegally downloaded software to become part of a botnet, and the consequences will usually far outweigh the advantages. Treat the internet with respect, don't expect that it will be able to do the impossible for you, and you and it should get along fine.

Until next time, stay safe out there!

Source: http://resources.avg.com.au/security_risks/botnets/
