Botnets

by Javantea aka. Joel R. Voss
Sept. 7, 2006

Introduction

Botnets are:

Botnets are possible because:
Patches: Prevention:
Thesis:

History of Botnets

1) Ou, George. "Vulnerability statistics for Mac and Windows." URL: http://blogs.zdnet.com/Ou/?p=165 February 28, 2006
2) Sullivan, Bob. "'Sasser' infections begin to subside." URL: http://www.msnbc.msn.com/id/4890780 May 5, 2004
3) Voss, Joel R. "phpBB Vulnerability Analysis." URL: http://www.altsci.com/concepts/phpbb1.html Dec 20, 2004
4) Voss, Joel R. "AWStats and Mambo Vulnerability Analysis." URL: http://www.altsci.com/concepts/mambo1.html Jun 16, 2006

Methods of Botnets

Services (Sasser):

5) Department of Homeland Security. "DHS Recommends Security Patch to Protect Against a Vulnerability Found In Windows Operating Systems." URL: http://www.dhs.gov/dhspublic/display?content=5789 August 9, 2006
6) Voss, Joel R. "LSASS Vulnerability Analysis." URL: http://www.altsci.com/concepts/lsass1.html May 1, 2004

Different Rules:

7) aorth @ mac.com. "Hacking the Hackers." URL: http://pancakebunny.org/dedicaticon/ December 17th, 2005

Clients (IE6):

8) Wesson, Rick. "Abuse and the Global Infection Rate." Defcon 14. Aug 2006.

Botnet Authors:

How to:

Multi-platform:

Tracking Botnets

Tracking an evil botnet:

Sasser:

Run a Patched Server:

Output of a Botnet:

9) Voss, Joel R. "Spam Server Analysis." URL: http://www.altsci.com/concepts/spam1.html Jan 9-Aug 26, 2006

Honeypots:

Tor:

Destroying Botnets

Destroying a Botnet:

Attacks:

Botnet Defense:

Hands-on Tutorial? Yes.

Future of Botnets

The End of Botnets:

10) Stamos and Stender. "Attacking Web Services: The Next Generation of Vulnerable Apps." Defcon 13. July, 2005

A New Hope:

Operating systems:

11) Lemos, Robert. "Microsoft defends Vista by mixing up memory." URL: http://www.securityfocus.com/brief/222 2006-06-02

Non-preventable:

Philosophy of Botnets

Why:

Without black hats:

What to do?

Questions?

Javantea aka. Joel R. Voss
AltSci Concepts
Neg9: http://Neg9.org/
jvoss@myuw.net