fronobulax
Bassist, GAD and the Hot Mess Mods
- Joined
- May 3, 2007
- Messages
- 24,770
- Reaction score
- 8,899
- Location
- Central Virginia, USA
- Guild Total
- 5
I haven't written any papers on the subject (although after averaging one lost drive every 12 months I have either lost all my papers or they are safely backed up) but I'll try.capnjuan said:For those of us who never really understood Edlin, could you explain what a botnet is and how it works? Thankee ... JDefault said:... When I was still doing the college thing last year, I did a paper on botnets.
Suppose you have a computer. I manage to install some nasty software on it that lets me take control of it. Your computer will do my bidding. How does it know my bidding? In general, as a bad guy, I will establish some kind of command and control channel. Perhaps your computer will contact a web site to receive my instructions. Perhaps it will listen to a chat channel for my commands. Often Internet Relay Chat (IRC) is the channel of choice. Geeks use it (instead of AOL Instant Messenger). It is fairly easy to configure and communications can be easily encrypted.
Suppose I have thousands of computers waiting to do my bidding and I can send one command via IRC to get them all to do it. That is one simple example of a botnet. "bot" as in robot and "net" as in network.
If I have a bunch of computers set to do my bidding there are many things I can do. I can tell them all to try and connect to a web site in hopes that the traffic will overload it and bring it down. Distributed Denial of Service attack.
I can send each one of them 100 email addresses and have them send SPAM or infected email to each address.
I can sell you access to my botnet so you can perform your special project in a way that is hard to trace back to you.
And so on...
If you know of SETI @ Home or one of the other efforts where people volunteer use of their computer to help solve an "interesting" problem then you can see the similarities to a botnet. At some technical level both are just distributed computing systems. Participation in a botnet, however, is usually not voluntary and often unknown to the owner of the hardware. The sort of tasks botnets are called on to perform are also less beneficial to society.