Introduction to Unix: Update on the Spam War
BOTNETS and Spam
• Wikipedia Definition – BOTNET
• Botnet is a jargon term for a collection of software robots, or bots, that run autonomously and automatically. The term is often associated with malicious software but it can also refer to the network of computers using distributed computing software.
BOTNETS and Spam
• Wikipedia Definition: Spam
• Abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.
• Wikipedia Definition: Bot Herder
• Controls the botnet remotely, usually through a means such as IRC, and usually for nefarious purposes. Individual programs manifest as IRC "bots". Often the command-and-control takes place via an IRC server or a specific channel on a public IRC network. This server is known as the command-and-control server ("C&C").
BOTNET Revealed
• Spammers need web space from which to operate. They cannot rent space from normal hosting companies like GoDaddy, as those companies will shut them down when many complaints come in. As the volume of spam on the Web increases, so does the volume of complaints.
BOTNET Revealed
• So they require a web host that turns a deaf ear to these complaints. McColo was one such host, a major player in so-called bulletproof hosting. Bulletproof hosting is a term applied to a hosting plan that keeps a website online no matter how many complaints it receives.
BOTNET Revealed
• Security Fix Blog – had been tracking McColo for several months.
• 10 November – Security Fix reported its findings to Global Crossing and Hurricane Electric, the upstream providers for McColo.
• Result – McColo was cut off from the Internet.
BOTNET Revealed
• The major botnets operated by McColo included: Pushdo (Cutwail), a fake e-card trojan, that had 7.1% of the network; Rustock (a trojan stealing financial details), with 17.6%; Ozdok (Mega-D) (that has about 35,000 systems infected worldwide), with 20.7%; Srizbi, with 36.1%; and other botnets like Warezov (Stration/Opnis), Bobax, Wopla, etc., in minor percentages.
BOTNET Revealed
• According to MessageLabs, an email security research firm, botnets account for 90 per cent of overall spam. Spamhaus, a spam research organization that hosts the industry's most extensive and accurate real-time spam data, says that there are about 1.5 million computers infected with Srizbi or Rustock.
BOTNET Revealed
• Nilesh Bhandari, the product manager at IronPort, a major email security firm, said: The company sees an average of about 190 billion spam e-mails each day. Then, at around 4:30 p.m. ET yesterday [11th], IronPort saw a huge decline in spam levels. For the 24 hour period ending Tuesday, the company tracked about 112 billion spam messages. We fully expect this to recover completely, and to go into the highest ever spam period during the upcoming holiday season.
• According to a spokesperson, Jason Steer, also from IronPort: It is an unprecedented drop but will be a temporary outage as the networks move from North America to places where there is less scrutiny.