Bots and DDoS attacks: a primer

Bots are the more intelligent C&C (command and control) versions of yesterday's remote access Trojan. There is a definite architecture to bots, botnets, and their damage. Bots are coded by either an individual or a team. Several recently disassembled bots revealed a development architecture that rivals legitimate application projects, with phases, testing, bug fixing, and development forks.

Most bots use one or more attacks to break into remote machines. Patched and unpatched Microsoft vulnerabilities are popular on the client side; flawed PHP programs are a common target for compromising Web servers. The bot is often coded to a particular specification (what it will do, how it breaks in, etc.) for a malicious requestor, or it is created and sold speculatively, like housing investments in the physical world.

InfoWorld | Column | 2007-02-23 | By Roger A. Grimes

