Botnets: The Killer Web Applications

Craig Schiller, Jim Binkley

  • Publisher: Syngress Media
  • Publication date: 2007-02-01
  • List price: $1,813
  • Sale price: $1,088
  • Language: English
  • Pages: 480
  • Binding: Paperback
  • ISBN: 1597491357
  • ISBN-13: 9781597491358
  • Ships immediately (limited quantity) (stock = 1)




With funding from organized crime and spam lords, a generation of talented hackers without morals has created a devastating arsenal of deadly toys, in the form of botnets. Norman Elton and Matt Keel from the College of William & Mary in their presentation “Who Owns Your Network?” called bot networks “the single greatest threat facing humanity.” This may be an exaggeration, but botnets are arguably the biggest threat that the Internet community has faced.


Understand the Botnet’s Life Cycle
The life of a botclient can be described as a life cycle. The authors show the nine steps that are repeated until the command to abandon the client is given.

Learn DNS and C&C Technology
See how DNS is a good example of how C&Cs use multiple layers in their design to ensure they stay up. By using different servers, botnet controllers can concentrate on the C&C itself rather than moving all the bots.

Meet the Bot Families
Understand the characteristics of the various families: SDBot, RBot, Agobot, Spybot, and Mytob.

Take Advantage of External Notifications
No single measure guarantees detection of bot activity, but good monitoring of multilayered defenses will contribute immensely to keeping the botherder from your door.

Master Ourmon
Discover how ourmon, an open source network management and anomaly detection system, can help you recognize botnet attacks.

Use Sandbox Tools for Botnets
See how Sandbox and CWSandbox can be integrated into a bigger process of automatic malware analysis.

Identify the Information an Enterprise Should Gather
Tools like disassemblers can be used to disassemble a botnet and view its code.

Understand Why This Problem Exists
Find and eliminate the conditions that cause the demand, and botnets will diminish.

Contents of This Book:

Botnets: A Call to Action

Botnets Overview

Alternative Botnet C&Cs

Common Botnets

Botnet Detection: Tools and Techniques

Ourmon: Overview and Installation

Ourmon: Anomaly Detection Tools

IRC and Botnets

Advanced Ourmon Techniques

Using Sandbox Tools for Botnets

Intelligence Resources

Responding to Botnets