427 Botnet fm qxd

The November 17 issue of 
E-WEEK’s
online magazine featured the news
that the recent surge in penny stock and penile enhancement spam was being
carried out by a 70,000-member botnet operated by Russian botherders. If
left unabated, the botnet plague could threaten the future of the Internet, just
as rampant crime and illegal drug use condemn the economic future of real
neighborhoods.
Examine the extraordinary case documented by McAfee in its white
paper, “Killing Botnets—A view from the trenches,” by Ken Baylor and Chris
Brown. Even though the conclusion of the paper is clearly a sales pitch, the
case it documents is real and potentially prophetic. In March of 2006, McAfee
was called in to, in essence, reclaim a Central American country’s telecommu-
nications infrastructure from a massive botnet. In the first week of the
engagement McAfee documented 6.9 million attacks of which 95 percent
were Internet Relay Chat (IRC) bot related.The national telco reported the
following resulting problems:
■
Numerous network outages of up to six hours
■
Customer threats of lawsuits
■
Customer business disruptions
■
Lengthy outages of bank ATM service
Since January 2005, Microsoft has been delivering the Windows Malicious
Software Removal Tool to its customers. After 15 months, Microsoft
announced that it had removed 16 million instances of malicious software
from almost six million unique computers. According to the Microsoft report
“Progress Made,Trends Observed,” bots represented a majority of the
removals. Use of the tool is voluntary; that is to say, the vast majority of
Microsoft users are not running it. Before someone interprets these numbers
as positive, remember that this action is reactive.The computer was success-
fully infected and put to some use prior to being detected and removed. A
Microsoft patch was released during the last week of 2006, and within three
days after the release, exploits for those patches were already being distributed
throughout the Internet.
Consider the power in one botnet attack alone, the distributed denial-of-
service (DDoS) attack. A small botnet of 10,000 bot clients with,

Download 6,98 Mb.

Do'stlaringiz bilan baham: