What are Botnets?
The term Botnet is derived from two words: Robot and
Network. A robot
program is one that runs by itself and can respond to commands. It can be referred to as a “bot”. Thus a Botnet is a network of bots that communicate with a
controller. Botnets are different than other malicious programs that can infect your computers because of they can be controlled by an external host.
Botnets are typically controlled using
Internet Relay
Chat or IRC. IRC is easy and flexible to use and can hide the identity of the attacker. The attacker sets up an IRC
channel to issue commands to the bots in his network. Once the bots are installed in a
computer, they constantly listen for commands on their assigned IRC
channel. The bots also use
authentication and authorization so that only their owner can control them.
How are Botnets Used?
Botnets can be used for the following malicious tasks:
• Distributed
Denial of Service (DDoS) attacks against a specific host are used to shut down the host by overloading it with
traffic.
• Sending
Spam from multiple zombie computers.
• Committing Click Fraud by clicking on links to ads to generate income.
• Identity theft by stealing login ids, passwords, credit card numbers.
How to protect your
computer from Botnets?
Botnets are typically spread by worms that look for vulnerable computers. You should keep your
system updated with the latest
security patches, avoid suspicious mail attachments and be protected by a
firewall.
Affected systems typically experience both
system and communications slowdowns. You can detect if you are infected by a botnet by viewing logs or by using the Netstat command to check for suspicious connections.