The community of botnets is fighting constantly to scramble for the most bots, the most bandwidth, and the largest number of infected computers. In 2008, an average of 60 billion spam messages were sent from the botnet a day. Microblogs like Twitter and Facebook are also gradually being turned into botnets to spread malicious code and spam. Botnets designed to attack Mac OS X operating systems have also been sparked.
What are the signs that a computer has a botnet?
All Vietnamese users should know about botnets Picture 1Artwork There are many signs that the computer is infected with malicious code and becomes a bot in the botnet:
- Computer processing speed decreases.
- Internet access speed becomes extremely slow.
- Continuous pop-up ads appear.
- Suddenly infected with many different types of malicious code.
- Spike Internet access capacity (monitored by the bandwidth monitor program, monitor whether the router light blinks continuously)
CMC Recommendation InfoSec how to detect and avoid botnets:
Bots can spread themselves through operating system vulnerabilities and hijack users' machines. In addition, some bots do not have a feature that spreads, so it needs a virus.
For individual users
Most bot attacks are aimed at single individual users, university servers or small business networks. Because computers in these places are not closely monitored, it is often weak to protect the immunity policy of these machines. To avoid being infected with a botnet, users should:
- Scan the device periodically with CMC Internet Security or other antivirus software, always ensure they are updated to the latest versions.
- Monitor and update patches for operating systems and Internet access applications regularly.
- Using copyrighted software, do not use crack / patch files floating on the Internet
- Be careful when opening strange files of unknown origin or unknown reliability (from email, chat, internet links)
- Do not access strange web links.
- Reconfigure browsers.
- Improve knowledge of using computers to avoid fraudulent tricks (sending exe files with icons such as JPG or DOC files for users to open)
For corporate administrators:
- Regularly update information on the latest security holes
- Need to raise awareness for users about security issues and security policies
- Study routine logs (log records) created by IDS and many firewalls, mail servers, proxy servers to help detect abnormal traffic, a sign of bot presence and so on timely preventive measures.
However, the best defense and protection against botnet attacks is the users themselves and their perceptions.