A botnet (also known as a
zombie
army) is a number of Internet computers that, although their owners are unaware of it, have been
set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any
such computer is referred to as a zombie - in effect, a computer "robot" or "bot" that serves the
wishes of some master spam or virus originator. Most computers compromised in this way are
home-based. According to a report from Russian-based Kaspersky Labs, botnets -- not spam, viruses,
or worms -- currently pose the biggest threat to the Internet. A report from Symantec came to a
similar conclusion.
Computers that are coopted to serve in a zombie army are often those whose owners fail to
provide effective
firewalls
and other safeguards. An increasing number of home users have high speed connections for computers
that may be inadequately protected. A zombie or bot is often created through an Internet
port that
has been left open and through which a small
Trojan horse
program can be left for future activation. At a certain time, the zombie army "controller" can
unleash the effects of the army by sending a single command, possibly from an Internet Relay
Channel (
IRC)
site.
The computers that form a botnet can be programmed to redirect transmissions to a specific
computer, such as a Web site that can be closed down by having to handle too much traffic - a
distributed denial-of-service (
DDoS) attack
- or, in the case of spam distribution, to many computers. The motivation for a zombie master who
creates a DDoS attack may be to cripple a competitor. The motivation for a zombie master sending
spam is in the money to be made. Both of them rely on unprotected computers that can be turned into
zombies.
According to the Symantec Internet Security Threat Report, through the first six months of 2006,
there were 4,696,903 active botnet computers.
No comments:
Post a Comment