Be prepared: How to prevent and detect botnets
This article is part of the August 2004 issue of Weight lifter: Appliances that lighten your security load
While teaching a class on intrusion detection techniques, I asked my students to make usage graphs of their networks. A few days later, a student called me at 2 a.m. because he had found 3,000-plus machines on his network that were broadcasting IRC traffic. It was a botnet -- a nasty one.
Botnets are highly evolved versions of DoS tools and remote-control Trojans that hackers developed in the late '90s. Instead of controlling a few hundred machines, today's botnets can control up to 25,000 zombies. Hackers are using them not just to crash target networks, but to send spam and generate click-throughs to ad-laden porn sites.
Once on a compromised network, bots log onto private IRC channels and wait for orders. Using the bot to download more attack tools and wreak more mayhem, the hacker can comfortably eat into a network even if it's behind a firewall, since most firewalls allow inside-outside connections. Bots mostly use IRC for communication, but they could use any other service that your firewall allows: SSL, HTTP, DNS, ICMP, etc. They effectively render ...
What's Inside
Features
-
Cut security costs with all-in-one appliances and firewall policies
by Lisa Phifer, Contributor
Turnkey, all-in-one appliances offer cost-effective security with less hassle.
-
Enhancing security risk management with cyberinsurance
by Lamont Wood, Contributing Writer
When all else fails, there's cyberinsurance. Learn how to enhance security risk management with cyberinsurance.
-
Data security failure: How the government broke our trust
The government exposed thousands of Native Americans' financial data to hackers. Elouise Cobell forced the government off the Internet.
-
Service-level agreement advantages and disadvantages
by Anne Saita
Learn about the advantages and disadvantages of service-level agreements.
Columns
-
Service-level agreement management: Defining security policy roles
Does your security plan include expectations or incentives for SLAs? Lawrence Walsh explains why setting standards for your enterprise is essential.
-
Be prepared: How to prevent and detect botnets
by Marcus J. Ranum, Contributor
Sooner or later, enterprises have to deal with a remote-controlled compromise. By treating botnets as a disaster preparedness problem, they'll be on the right track.
-
IE security risks: Making the switch to a more secure browser
by Jay Beale
Given the huge Web-based risk exposure with everyone running the same operating systems, should enterprises look for an alternative to IE? Short answer: Absolutely.
-
Threat modeling follows attack tree as enterprise protection practice
by Pete Lindstrom, Contributor
Does your enterprise maximize its threat modeling potential? Expert Pete Lindstrom displays threat-modeling best practices and shows how it can help protect your enterprise.
-
Anticipating the worst: Security threat awareness and mitigation
Many IT managers have been lulled into a false sense of security because cyberattacks haven't happened yet. The coin-flip principle provides an all-too-real cyberspace context.