Botnets MONSTERS OF INTERNET By : Vishwadeep C. Badgujar | Jalgaon

Upload: vishwadeep-badgujar

Post on 14-Apr-2017


TRANSCRIPT

Page 1: Botnets

Botnets MONSTERS OF INTERNET

By : Vishwadeep C. Badgujar | Jalgaon

Page 2: Botnets

What is a Bot (Bot/Botnets/Zombies)

The word bot comes from Robot.

A botnet is a network of private computers/devices infected with malicious software and controlled as a group without the owners' knowledge.

Page 3: Botnets

Recent news about bot attacks

Page 4: Botnets

BBC website crashed by 300 Gbps DDoS attacks

Page 5: Botnets

Pokemon Go game website crashed by 200 Gbps DDoS attacks

Page 6: Botnets

ISPs in Maharashtra are facing a DDoS attack

Page 7: Botnets

Botnet – 25,000 CCTV Cameras Hacked to Launch DDoS Attack

Page 8: Botnets

Interesting facts - Bots

Page 9: Botnets

60% of internet traffic worldwide is consumed by bots

Page 10: Botnets

A group of bots can crack a 1 TB password file in 10 hours; a single computer takes 10 years

Page 11: Botnets

Types of Bot

There are two main communication protocols used for bot attacks:

IRC

HTTP

Page 12: Botnets

IRC Protocol

IRC botnets are the predominant version

IRC is mainly designed for one-to-many conversations but can also handle one-to-one

Most corporate networks do not allow any IRC traffic, so any IRC request can reveal an external or internal bot

Outbound IRC requests mean an already infected computer on the network

Inbound IRC requests mean that a network computer is being recruited
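
The direction rule from this slide written as detection logic, in an added example that is not part of the original presentation. The internal address ranges, the port list, the flow-record layout and the sample flows are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumptions (not from the slides): internal ranges, IRC ports, and the
# flow-record layout "src dst dport first_payload_line".
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
IRC_PORTS = set(range(6660, 6670)) | {6697}
# IRC client commands seen at session start; catches IRC on non-standard ports.
IRC_VERBS = re.compile(r"^(NICK|USER|JOIN|PASS|PRIVMSG)\s", re.IGNORECASE)

# Constructed sample flow records, not real traffic.
SAMPLE_FLOWS = """\
10.1.4.22 203.0.113.50 6667 NICK xk2941
198.51.100.7 10.1.9.5 6667 -
10.1.4.30 203.0.113.80 443 -
10.1.7.11 203.0.113.50 8080 JOIN #ops secret
10.1.2.2 10.1.2.9 6667 NICK helpdesk
"""

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def classify(line):
    """Return (verdict, src, dst) for one flow record, or None if not IRC."""
    parts = line.split(maxsplit=3)
    if len(parts) != 4:
        return None
    src, dst, dport, payload = parts
    if int(dport) not in IRC_PORTS and not IRC_VERBS.match(payload):
        return None
    src_in, dst_in = is_internal(src), is_internal(dst)
    if src_in and not dst_in:
        return ("outbound: host likely already infected", src, dst)
    if dst_in and not src_in:
        return ("inbound: host may be being recruited", src, dst)
    return ("IRC not crossing the perimeter: review against policy", src, dst)

def scan(text):
    """Classify every record and keep only the IRC hits."""
    return [hit for hit in map(classify, text.splitlines()) if hit]

if __name__ == "__main__":
    for verdict, src, dst in scan(SAMPLE_FLOWS):
        print(f"{src} -> {dst}: {verdict}")
```

Matching on IRC commands as well as ports is what flags the 8080 record, which a port-only rule would miss.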

Page 13: Botnets

HTTP Protocol

Due to prevalence of HTTP usage it is harder to track a botnet that uses HTTP Protocols

Using HTTP can allow a botnet to skirt the firewall restrictions that hamper IRC botnets

Detecting HTTP botnets is harder but not impossible since the header fields and the payload do not match usual transmissions

Some new options emerging are IM and P2P protocols; expect growth here in the future

Page 14: Botnets

HTTP Botnet Example: Fast-flux Networks

Commonly used scheme

Used to control botnets with hundreds or even thousands of nodes

Page 15: Botnets

C&C Centralized Model Example

3 Steps of Authentication

a. Bot to IRC Server

b. IRC Server to Bot

c. Botmaster to Bot

Page 16: Botnets

Bots: how exactly they work

Page 17: Botnets

Suppose an attacker has a hash file containing an important password, and the attacker has a 1 TB file for password cracking.

Page 18: Botnets

He splits this file into 10000 segments

Wordlist file (Size 1 TB)

Page 19: Botnets

First the attacker spreads the bot to vulnerable devices like routers and CCTVs (most CCTVs are vulnerable because of default usernames and passwords).

C & C

Page 20: Botnets

The attacker sets up the C&C server first, then spreads the bot using the C&C server (the attacker always uses a proxy IP).

The bots are then sent to vulnerable devices.

The attacker then sends password file segments to the bots (approx. 1 GB each).

Now the attacker needs to send the command for cracking. As soon as the command is sent, every bot starts working on cracking the hash file.

A single computer needs 1 year to crack a 1 TB file, so 10000 computers or devices proportionally need 10 hours (approx.).

Bots: how exactly they work

Page 21: Botnets

What can botnets do

Distributed Denial-of-Service Attacks

Sniffing Traffic

Keylogging

Spreading new malware

Installing Advertisement Addons

Attacking IRC Chat Networks

Create fake website visitors

Manipulating online polls/games

Page 22: Botnets

Common bot attacks

Page 23: Botnets

Denial-of-service

Another popular use of a bot, denial-of-service attacks look to invade a network or an Internet service provider, usually by stealth, in order to disrupt or cripple service. Here, the attacker tries to get as many computers infected as possible in order to have a bigger botnet network.

Page 24: Botnets

Spyware

Spyware is any malware that can be used to gain information from its target or targets, anything from passwords and credit card information to the physical data contained within files. These can be lucrative to a bot herder, as they can sell the data on the black market. If a bot herder gains control of a corporate network, these can be all the more lucrative, as they may be able to sell the “rights” to their bank accounts and their intellectual property.

Page 25: Botnets

Click fraud

This form of remote control can allow a bot herder to surreptitiously click links on Web sites and online advertising, bolstering numbers for advertisers and producing more money.

Page 26: Botnets

Wordlist bruteforce

This type of bot works on cracking passwords using brute-force methods

Page 27: Botnets

Prevention Against Bots

Use the best antivirus software (Norton/Avast/AVG) and make sure auto updates are enabled

Always use and enable firewall software

Update your operating system regularly

Update your routers regularly

Malwarebytes is the best software for bot detection

Page 28: Botnets

Presented by HackTech | Jalgaon

Institute for Advanced Hacking & Cyber Crime Investigation