logging in or signing up 107 BOTNETS 1 aSGuest11548 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 1204 Category: Education License: All Rights Reserved Like it (4) Dislike it (0) Added: January 28, 2009 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: dhiraj27sd (8 month(s) ago) How to download tis ppt. i cant download this Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript BOTNETS : BOTNETS Presented By CHAMPAT INGLE Roll No :35106 Guided By PROF.C.A.LAULKAR A BIGGEST THREAT TO INERNET A Quick Glance : A Quick Glance Introduction Actual working Protocols IRC More about botnets Examples Malicious activities Some good application Types of BOTS Tracking botnets Prevention Conclusion INTRODUCTION : INTRODUCTION Botnets are networks of computers taken hostage by malware that controls them and makes them to act in other nefarious ways. A "botnet" is a collection of computers that have been infected with remote-control software. Runs autonomously and automatically. User unaware ACTUAL WORKING : ACTUAL WORKING Worm/Trojan program that's usually transmitted through a spam. BOTS created. Communicates with attacker. Attacker send commands through IRC. PROTOCOLS : PROTOCOLS IRC HTTP P2P INTERNET RELAY CHAT :IRC : INTERNET RELAY CHAT :IRC Zombie establish connection with bot controller. All bots are connected to IRC servers. Bot controller send commands to bots through IRC MORE ABOUT BOTNETS : MORE ABOUT BOTNETS Size of Botnets: 50,000 or more for single botnet. 1000 home PCs with an average upstream of 128KBit/s can offer more than 100MBit/s. IRC hides IP’S. Different botnets can be connected through IRC Botnets can be rented Botnet controller is always unidentified. Malicious activities : Malicious activities Distributed Denial-of-Service (DDoS) attacks. Spamming Sniffing Keylogging Spreading new malware Mass identity theft (Phishing) GOOD APPLICATIONS : GOOD APPLICATIONS Manipulating online polls/games: Instant Messenger Search Engines EXAMPLE : EXAMPLE DDOS Attack by CHINA on US TYPES OF BOTS : TYPES OF BOTS Agobot: Most sophisticated. IRC based command/control. Capable of many DoS attack types . Traffic sniffers/key logging. SDBot: Simpler than Agobot, 2,000 lines C code. Non-malicious at base. Utilitarian IRC-based command/control. Easily extended for malicious purposes. Scanning DoS Attacks Sniffers TYPES OF BOTS : SpyBot: <3,000 lines C code. Possibly evolved from SDBot . Similar command/control engine. No attempts to hide malicious purposes. GT Bot: Functions based on mIRC scripting capabilities. HideWindow program hides bot on local system. Port scanning, DoS attacks, exploits for RPC . TYPES OF BOTS TRACKING & STOPPING BOTS : TRACKING & STOPPING BOTS Tracking IRC Servers Bring Down The IRC Servers Honeynets PREVENTION : PREVENTION Using anti-virus and anti-spyware software and keeping it up to date. Setting your operating system software to download and install security patches automatically. Being cautious about opening any attachments or downloading files from emails you receive. Using a firewall to protect your computer from hacking attacks while it is connected to the Internet. PREVENTION : Disconnecting from the Internet when you're away from your computer. Downloading free software only from sites you know and trust. Taking action immediately if your computer is infected. PREVENTION CONCLUSION : CONCLUSION Botnet a large army of networked computers. Used in many malicious activities. Works automatically and autonomously. Hence biggest threat to INTERNET THANK YOU : THANK YOU You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
107 BOTNETS 1 aSGuest11548 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 1204 Category: Education License: All Rights Reserved Like it (4) Dislike it (0) Added: January 28, 2009 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: dhiraj27sd (8 month(s) ago) How to download tis ppt. i cant download this Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript BOTNETS : BOTNETS Presented By CHAMPAT INGLE Roll No :35106 Guided By PROF.C.A.LAULKAR A BIGGEST THREAT TO INERNET A Quick Glance : A Quick Glance Introduction Actual working Protocols IRC More about botnets Examples Malicious activities Some good application Types of BOTS Tracking botnets Prevention Conclusion INTRODUCTION : INTRODUCTION Botnets are networks of computers taken hostage by malware that controls them and makes them to act in other nefarious ways. A "botnet" is a collection of computers that have been infected with remote-control software. Runs autonomously and automatically. User unaware ACTUAL WORKING : ACTUAL WORKING Worm/Trojan program that's usually transmitted through a spam. BOTS created. Communicates with attacker. Attacker send commands through IRC. PROTOCOLS : PROTOCOLS IRC HTTP P2P INTERNET RELAY CHAT :IRC : INTERNET RELAY CHAT :IRC Zombie establish connection with bot controller. All bots are connected to IRC servers. Bot controller send commands to bots through IRC MORE ABOUT BOTNETS : MORE ABOUT BOTNETS Size of Botnets: 50,000 or more for single botnet. 1000 home PCs with an average upstream of 128KBit/s can offer more than 100MBit/s. IRC hides IP’S. Different botnets can be connected through IRC Botnets can be rented Botnet controller is always unidentified. Malicious activities : Malicious activities Distributed Denial-of-Service (DDoS) attacks. Spamming Sniffing Keylogging Spreading new malware Mass identity theft (Phishing) GOOD APPLICATIONS : GOOD APPLICATIONS Manipulating online polls/games: Instant Messenger Search Engines EXAMPLE : EXAMPLE DDOS Attack by CHINA on US TYPES OF BOTS : TYPES OF BOTS Agobot: Most sophisticated. IRC based command/control. Capable of many DoS attack types . Traffic sniffers/key logging. SDBot: Simpler than Agobot, 2,000 lines C code. Non-malicious at base. Utilitarian IRC-based command/control. Easily extended for malicious purposes. Scanning DoS Attacks Sniffers TYPES OF BOTS : SpyBot: <3,000 lines C code. Possibly evolved from SDBot . Similar command/control engine. No attempts to hide malicious purposes. GT Bot: Functions based on mIRC scripting capabilities. HideWindow program hides bot on local system. Port scanning, DoS attacks, exploits for RPC . TYPES OF BOTS TRACKING & STOPPING BOTS : TRACKING & STOPPING BOTS Tracking IRC Servers Bring Down The IRC Servers Honeynets PREVENTION : PREVENTION Using anti-virus and anti-spyware software and keeping it up to date. Setting your operating system software to download and install security patches automatically. Being cautious about opening any attachments or downloading files from emails you receive. Using a firewall to protect your computer from hacking attacks while it is connected to the Internet. PREVENTION : Disconnecting from the Internet when you're away from your computer. Downloading free software only from sites you know and trust. Taking action immediately if your computer is infected. PREVENTION CONCLUSION : CONCLUSION Botnet a large army of networked computers. Used in many malicious activities. Works automatically and autonomously. Hence biggest threat to INTERNET THANK YOU : THANK YOU