A
botnet (also known as a zombie army) is a number of Internet
computers that, although their owners are unaware of it, have been
set up to forward transmissions (including spam or viruses) to other
computers on the Internet. Any such computer is referred to as a
zombie - in effect, a computer "robot" or "bot"
that serves the wishes of some master spam or virus originator. Most
computers compromised in this way are home-based. According to a
report from Russian-based Kaspersky Labs, botnets -- not spam,
viruses, or worms -- currently pose the biggest threat to the
Internet. A report from Symantec came to a similar conclusion.
Computers
that are coopted to serve in a zombie army are often those whose
owners fail to provide effective firewalls and other safeguards. An
increasing number of home users have high speed connections for
computers that may be inadequately protected. A zombie or bot is
often created through an Internet port that has been left open and
through which a small Trojan horse program can be left for future
activation. At a certain time, the zombie army "controller"
can unleash the effects of the army by sending a single command,
possibly from an Internet Relay Channel (IRC) site.
The
computers that form a botnet can be programmed to redirect
transmissions to a specific computer, such as a Web site that can be
closed down by having to handle too much traffic - a distributed
denial-of-service (DDoS) attack - or, in the case of spam
distribution, to many computers. The motivation for a zombie master
who creates a DDoS attack may be to cripple a competitor. The
motivation for a zombie master sending spam is in the money to be
made. Both of them rely on unprotected computers that can be turned
into zombies.
According
to the Symantec Internet Security Threat Report, through the first
six months of 2006, there were 4,696,903 active botnet computers.
No comments:
Post a Comment