427 Botnet fm qxd

can be a valuable source of information, and be used as evidence in
possible criminal investigations or civil suits against an attacker.
Copies of spam being sent by the botnet, files stored by the botnet,
and even the hard disk itself may be useful as evidence and provide
information on what the botnet is doing with hosts on your
network.
Tools like disassemblers can be used to disassemble a botnet and view
its code. Using these tools, you can find a significant amount of
intelligence regarding the botnet, including how it works, what it
accesses, and who it’s communicating with.
Places/Organizations Where 
Public Information Can Be Found
Numerous organizations and sites on the Internet provide
information on botnets that have been active on the Internet.These
include vendors that manufacture tools to safeguard systems or
remove viruses and malware, security sites that provide information,
mailing lists, and discussion groups.
Sites that provide antivirus, antimalware, and antispyware tools often
provide additional information on known botnets. Information
includes proper removal procedures, how the botnet works, and its
purpose or functions.
Public organizations provide whitepapers, articles, statistics, and other
information that can aid in protecting systems, and understanding the
threat botnets pose.They often provide additional methods of
discussing botnets with other security professionals and those who are
dealing or have dealt with botnet problems.
Membership Organizations and How to Qualify
Some organizations require incumbents to meet specific criteria
before membership is given.The requirements may include working
in a specific field, for a certain type of organization (such as a

Download 6,98 Mb.

Do'stlaringiz bilan baham: