A Botnet Attack Turns Computers to Zombies
A botnet attack is an attack launched from a network of compromised computers. In general, a Distributed Denial of Service attack, more commonly known as a DDoS attack, overwhelms a targeted machine with so much traffic that the system either slows down significantly or shuts down entirely.
What is a Botnet?
A botnet is a group of computer systems (individually known as zombies) that have been compromised and taken over by attackers. The takeover is achieved through remote control, typically by way of a Trojan horse, one of the most dangerous types of malicious software. Together, these enslaved computers generally target a single system to create the high volume of traffic needed to carry out a DDoS attack. Botnets are often auctioned off and traded among a large community of criminals, so a compromised system may actually be under the control of multiple attackers, each with their own goal. Aside from DDoS attacks, some use these zombies to distribute malicious code, some use them as a spam relay and others use them to launch phishing campaigns.
Inside the Botnet Attack
Botnets may use a number of methods to carry out a DDoS attack. The most common involve HTTP GET requests and SYN Floods. The notorious MyDoom worm that targeted SCO.com is one of the most infamous examples of an HTTP GET attack. As the name implies, this attack works by sending HTTP requests for a specific page to the target system. With MyDoom, each zombie machine sent 64 requests every second. Since tens of thousands of machines were believed to be infected by the worm, the attack was able to overwhelm SCO.com quickly, causing the website to shut down for many days.
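The HTTP GET flood described above leaves a very visible footprint in a web server's access log: one source requesting the same page dozens of times per second. The following script is an added example (not from the original article or from any product it mentions) that parses access-log lines in the common Apache/nginx "combined" format and flags sources whose per-second GET rate exceeds a threshold. The log lines it analyses are constructed for the example, including one synthetic zombie that issues 64 requests in a single second, the per-zombie rate the article quotes for MyDoom; the IP addresses are from the documentation ranges and are placeholders.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache/nginx "combined" format: ip identd user [timestamp] "request" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Parse one access-log line into a dict; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FORMAT)
    return rec


def detect_get_flood(lines, threshold=30, window_seconds=1):
    """Return {source_ip: peak_requests_per_window} for every source whose GET
    rate in some window exceeds `threshold`. Windows are aligned to epoch time,
    so the 64-requests-per-second zombie lands in a single bucket."""
    counts = defaultdict(int)
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["method"] != "GET":
            continue
        bucket = int(rec["ts"].timestamp()) // window_seconds
        counts[(rec["ip"], bucket)] += 1
    peak = defaultdict(int)
    for (ip, _bucket), n in counts.items():
        peak[ip] = max(peak[ip], n)
    return {ip: n for ip, n in peak.items() if n > threshold}


def build_sample_log():
    """Constructed sample traffic (synthetic lines, not a real capture)."""
    base = datetime(2023, 10, 10, 13, 55, 36, tzinfo=timezone.utc)

    def fmt(ip, ts, path):
        return f'{ip} - - [{ts.strftime(TS_FORMAT)}] "GET {path} HTTP/1.1" 200 2326'

    lines = []
    # one compromised host requesting the same page 64 times in one second
    lines += [fmt("203.0.113.45", base, "/index.html") for _ in range(64)]
    # a normal visitor loading a page and its assets (5 requests in one second)
    for path in ("/", "/style.css", "/app.js", "/logo.png", "/favicon.ico"):
        lines.append(fmt("198.51.100.7", base, path))
    # another visitor browsing slowly over several seconds
    for i, path in enumerate(("/about", "/contact", "/pricing")):
        lines.append(fmt("192.0.2.9", base + timedelta(seconds=i), path))
    return lines


if __name__ == "__main__":
    for ip, rate in detect_get_flood(build_sample_log()).items():
        print(f"possible GET flood from {ip}: peak {rate} requests/second")
```

The threshold is deliberately a parameter: a page with many embedded assets can legitimately produce a burst of several requests in one second from a single client, so the value should be tuned against the site's own baseline rather than copied from this example. A rate-based check of this kind catches an individual zombie; it does not by itself tell you that thousands of such sources are acting together, which is why the aggregate request rate against the targeted page should be watched as well.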
A SYN Flood is a type of botnet attack that takes advantage of the way TCP connections are established. Internet communications rely on what is known as a three-way handshake: the client that initiates the communication begins with a SYN, the server responds to the client with a SYN-ACK, and the client is then supposed to respond to the server with an ACK. Attackers can abuse this exchange by sending the SYN from spoofed IP addresses, so that the SYN-ACK is sent to an address that either did not request it or does not exist at all. The server waits for the final ACK but nothing arrives, and the handshake is left half open. When too many of these half-open connections pile up on the target system, its resources are quickly depleted and the server becomes the victim of a DDoS attack by way of a SYN Flood.
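The handshake just described can be replayed from the server's point of view to see what a SYN Flood looks like in the connection table. The script below is an added example (not from the original article) that walks a simplified packet trace, keeps a table of connections still waiting for their final ACK, and raises an alert when the number of half-open entries exceeds a limit. The trace is constructed for the example: twenty ordinary clients that finish the handshake, followed by three hundred SYNs from spoofed source addresses that are never acknowledged. The server address, client addresses and the `max_half_open` limit are placeholders, and the packet tuples are a deliberately reduced model of TCP (three flag values, no sequence numbers, no timeouts).

```python
from collections import Counter

# Address of the server whose handshake table we are watching (constructed value).
SERVER_IP = "192.0.2.10"


def tally_handshakes(packets, server_ip=SERVER_IP):
    """Replay a packet trace from the server's point of view.

    Each packet is (src_ip, src_port, dst_ip, dst_port, flags) with flags one of
    "SYN", "SYN-ACK" or "ACK". Returns (completed, half_open): `completed` counts
    handshakes that reached the final ACK, `half_open` is a Counter of client
    IPs whose SYN was answered but never acknowledged.
    """
    pending = {}  # (client_ip, client_port) -> True while the server waits for the ACK
    completed = 0
    for src, sport, dst, dport, flags in packets:
        if dst == server_ip and flags == "SYN":
            pending[(src, sport)] = True  # the server reserves state here
        elif src == server_ip and flags == "SYN-ACK":
            continue  # the server's own reply; the slot was already reserved on SYN
        elif dst == server_ip and flags == "ACK" and pending.pop((src, sport), None):
            completed += 1
    return completed, Counter(ip for ip, _port in pending)


def detect_syn_flood(packets, max_half_open=100):
    """Summarise the trace and decide whether the half-open backlog looks like a flood."""
    completed, half_open = tally_handshakes(packets)
    total_half_open = sum(half_open.values())
    attempts = completed + total_half_open
    return {
        "completed": completed,
        "half_open": total_half_open,
        "completion_ratio": completed / attempts if attempts else 1.0,
        "flood": total_half_open > max_half_open,
        # per-source counts, shown for contrast: spoofed SYNs spread the
        # backlog across many addresses, so no single source stands out
        "top_sources": half_open.most_common(3),
    }


def build_sample_trace():
    """Constructed packet trace (synthetic, not a real capture)."""
    packets = []
    # 20 ordinary clients, each completing the three-way handshake
    for i in range(20):
        client, port = f"198.51.100.{i + 1}", 40000 + i
        packets.append((client, port, SERVER_IP, 80, "SYN"))
        packets.append((SERVER_IP, 80, client, port, "SYN-ACK"))
        packets.append((client, port, SERVER_IP, 80, "ACK"))
    # 300 SYNs with spoofed sources that never ACK; the SYN-ACK goes to an
    # address that never asked for it, so the server is left waiting
    for i in range(300):
        spoofed, port = f"203.0.113.{1 + i % 254}", 50000 + i
        packets.append((spoofed, port, SERVER_IP, 80, "SYN"))
        packets.append((SERVER_IP, 80, spoofed, port, "SYN-ACK"))
    return packets


if __name__ == "__main__":
    report = detect_syn_flood(build_sample_trace())
    print(f"completed={report['completed']} half_open={report['half_open']} "
          f"completion_ratio={report['completion_ratio']:.3f} flood={report['flood']}")
    print("busiest sources:", report["top_sources"])
```

Two things the run makes visible: the per-source view is useless here, because every spoofed address contributes at most a couple of entries, while the aggregate half-open count and the collapse of the completion ratio (20 finished handshakes out of 320 attempts) are unmistakable. That is the same signal an administrator sees in the `SYN_RECV` column of the real connection table, and it is the quantity that backlog limits and SYN cookies are designed to protect.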
Zombie Protection
HTTP GET requests and SYN Flood attacks are just two of several techniques botnets leverage to launch their assaults. They also rely on UDP fragment attacks, ICMP Floods and the dreaded Ping of Death. DDoS attacks initiated by zombie computers are among the most difficult to detect, prevent and track. Unlike many other attacks, dealing with them calls for a more strategic and proactive approach. There are many anti-botnet solutions, but the best botnet detection practices involve tightening your network and host security, with a special focus on Trojans, worms and viruses, the types of malware most often behind a botnet attack.