You are here

HomeDennis Faas › Botnet

Botnet

Dennis Faas's picture
by Dennis Faas on May, 19 2009 at 08:05AM EDT

Botnet is a jargon term for a collection of software robots, or "bots," that run autonomously and automatically. The term is often associated with malicious software but it can also refer to the network of computers using distributed computing software.

Zombie Computers and Botnets

While the term "botnet" can be used to refer to any group of bots, the word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via worms, Trojan horses, or backdoors, under a common command-and-control infrastructure.

How it works

A botnet's originator (also known as "bot herder," typically a spammer) can control the group remotely, and usually for nefarious purposes.

Many of the new and more experienced botnet operators program their command protocols from scratch. The constituents of these protocols include a server program, client program for operation, and the program that embeds itself on the victim's machine (the "bot"). All three of these usually communicate with each other over a network using a unique encryption scheme for stealth and protection against detection or intrusion into the botnet network.

Automatically Scan and Propagate

A bot typically runs hidden. Generally, the perpetrator of the botnet has compromised a series of systems using various tools (exploits, buffer overflows, as well as others). Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords.

Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community. The process of stealing computing resources as a result of a system being joined to a "botnet" is sometimes referred to as "scrumping."

Internet Pandemic

Several botnets have been found and removed from the Internet. The Dutch police found a 1.4 million node botnet and the Norwegian ISP Telenor disbanded a 10,000-node botnet. Large coordinated international efforts to shut down botnets have also been initiated. It has been estimated that up to one quarter of all personal computers connected to the Internet may be part of a botnet.

This document is licensed under the GNU Free Documentation License (GFDL), which means that you can copy and modify it as long as the entire work (including additions) remains under this license.

Filed under:
Word of The Day
| Tags:
computers
,
program
,
bot
,
botnet
,
software
Rate this article: 
Average: 5 (1 vote)
Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.