EFFECTS / Results can be devastating, including:
- DDoS – bombardment of requests/packets/traffic rendering systems/network inoperable
- email spam, which can be annoying but can quickly lead to malicious/exploitation software and remote control of systems
- keylogger (identity theft)
- spyware and the like, which can lead to data exfiltration
- adware that can alter webpages, or click fraud for traffic redirection
- DNS manipulation, with misdirected requests leading back to phishing and malware
- IRC chat networks, and of course worms that proliferate across networks/systems
PREVENTION starts with knowing your environment: network and application baselining for traffic and network behavior analysis; keeping the usual software updates and patching current; and cyber awareness and training.
IDENTIFICATION typically includes:
- anomalies in traffic patterns
- IRC traffic (port 6667)
- port 25 for spamming and outbound SMTP traffic
- port 1080 for proxy servers
- DNS requests
- C&C (Command and Control) triggers, which next-gen firewalls and AV should detect
- increased popups
- spike in CPU or network usage
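The port and DNS indicators above can be checked against exported flow records. The following is an added example, not from the original post; the internal range, the sanctioned mail relay, the DNS baseline and the sample flows are all constructed assumptions.

```python
import csv, io, ipaddress
from collections import defaultdict

# Constructed sample flow records (not real traffic): source, destination, dest port
SAMPLE_FLOWS = """\
src,dst,dport
10.0.1.5,203.0.113.10,6667
10.0.1.5,198.51.100.7,53
10.0.1.5,198.51.100.7,53
10.0.1.5,198.51.100.7,53
10.0.1.5,198.51.100.7,53
10.0.1.5,198.51.100.7,53
10.0.0.25,198.51.100.20,25
10.0.2.9,198.51.100.21,25
10.0.2.9,203.0.113.44,1080
10.0.3.3,198.51.100.7,53
10.0.3.3,10.0.0.25,25
10.0.3.3,203.0.113.80,443
"""

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: internal address space
MAIL_RELAYS = {"10.0.0.25"}                    # assumption: hosts allowed to send SMTP out
WATCH_PORTS = {6667: "irc", 1080: "socks-proxy", 25: "outbound-smtp"}
DNS_BASELINE = 3                               # assumption: baselined queries per window

def find_suspects(flow_csv, dns_baseline=DNS_BASELINE):
    """Return {internal_host: [indicator, ...]} for outbound flows matching the list."""
    findings = defaultdict(set)
    dns_counts = defaultdict(int)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        src = ipaddress.ip_address(row["src"])
        dst = ipaddress.ip_address(row["dst"])
        port = int(row["dport"])
        if src not in INTERNAL or dst in INTERNAL:
            continue  # only internal -> external traffic is of interest here
        if port == 53:
            dns_counts[row["src"]] += 1
        label = WATCH_PORTS.get(port)
        if label is None or (port == 25 and row["src"] in MAIL_RELAYS):
            continue  # unwatched port, or SMTP from a sanctioned relay
        findings[row["src"]].add(label)
    for host, count in dns_counts.items():
        if count > dns_baseline:  # DNS request volume above the baseline
            findings[host].add("dns-volume")
    return {host: sorted(labels) for host, labels in findings.items()}

if __name__ == "__main__":
    for host, labels in find_suspects(SAMPLE_FLOWS).items():
        print(host, labels)
```

A hit is a lead for investigation rather than proof of infection, since these ports also carry legitimate traffic; the baseline value should come from your own traffic analysis.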
ERADICATION is done via botnet removal software, including freeware BotHunter, Kaspersky, BotRevolt and others, as well as rootkit detection/clean-up packages. IP address blocking, reputation blocking and honeypots can also help in this scenario. That said, a plethora of vendor packages, some under the term Next-Gen Endpoint Protection, address the detection / isolation / eradication of botnets.
Known Botnet list: Agobot, SDbot, mIRC-based; DSNX, q8, kaiten, Perl-based; Grum, Zeus, Conficker, Torpig, Sality, Cutwail, Tinba, Upatre, Ramnit, Windigo, Beehonem, Glupteba, ZeroAccess.
Also, a useful site for reference resources: SANS