The anatomy of a botnet

I’ve been looking up botnet information today. After chasing the invisible wiki spammer around for a while, I realized he’d been using a botnet at least since September 20, possibly longer.

I’m interested in logging infected computers, and finally found an article that was a bit more meaty than most:

SANS: Mitglieder hell

He’s absolutely right in that certain URLs should be null routed on your network - especially if you’re an ISP or a large company.

One Response to “The anatomy of a botnet”

  1. RichardP Says:

    > After chasing the invisible wiki spammer around for a
    > while, I realized he’d been using a botnet at least since
    > September 20, possibly longer.

    This spammer has been making a nuisance of himself on more than a few wikis patrolled by WikiMinion. He switched to using a botnet no earlier than September 20. WikiMinion’s records contain no evidence of him using a botnet prior to that date. Anyone want a list of his botnet’s IPs? WikiMinion has constructed a BIG list ;-)
