Spanish police arrest masterminds of 'massive' botnet

Posted: Thu Mar 04, 2010 11:00 am
by FlyingPenguin

Posted: Thu Mar 04, 2010 12:39 pm
by Nomad
Not too sure if this can actually be called one of the world's largest... Interestingly enough, though, there was a quote saying "it would be easier for me to list the companies NOT affected by the malware."

In recent light of Australia having many of its Government websites DDoS'ed (due to Australia passing censorship laws), it is hard for me to imagine that this will actually dent the botnet activity across the globe.

Posted: Thu Mar 04, 2010 12:57 pm
by Key Keeper
Lol @ DDoS. CTM exploit

$ConnectToMe %[line:Ip?]:%[line:Port?]|$ConnectToMe %[line:Ip?]:%[line:Port?]|$ConnectToMe %[line:Ip?]:%[line:Port?]|

Old school. Winsock tool + the above with an event timer......

Posted: Thu Mar 04, 2010 1:02 pm
by FlyingPenguin
True, although DDoS is hardly the primary purpose of a botnet. It's all about making money, through SPAM, identity theft, or extortion.

But I agree that "world's largest botnet" is a moving target. There was a time when a "large" botnet was 5000 PCs. Nowadays they can easily be 100K+

Posted: Thu Mar 04, 2010 1:33 pm
by normalicy
If there isn't already an international consortium on this, there should be one. Really, these can eventually be dangerous (though most only want money).

Posted: Thu Mar 04, 2010 6:07 pm
by Nomad
I am pretty dang sure that many 'nets are known, but the fact remains the same: the computers are legitimately another person's and pretty much have to be cleaned from the end-user side in order for the botnet to not have access.

All said, I do not see a stop to the botnet, but I could envision a way for DDoS to either be slowed or become nonexistent altogether.

Posted: Thu Mar 04, 2010 6:26 pm
by normalicy
What I mean is an active pursuit somehow. I realize that it's all distributed, but it's totally possible to greatly reduce the problem with some assistance from the IP's & various governments. Heck, why not just plain notify the people/businesses that they are compromised via automated e-mail. That there may be enough for people to at least get their stuff checked out. Of course things always morph, but bandwidth usage usually says something.

Posted: Thu Mar 04, 2010 9:23 pm
by FlyingPenguin
There's lots of issues. These have been discussed on security blogs & podcasts, and I actually heard from law enforcement at that security conference I attended with wvJohn.

The biggest issue is the international nature of these botnets. It's never easy dealing with law enforcement issues cross-border.

There are many security groups that work to defeat botnets. These are not associated with law enforcement and comprise security companies and ISPs/backbones/etc. that voluntarily perform acts that are legal in their countries (take down web sites or servers that are used as command and control systems, notify users with infected systems, block specific ports, spoof or take over botnet command and control systems, etc.).

Believe me, there are people fighting these crooks, and they are technically capable, but unlike the crooks they have to work inside the law.

Posted: Fri Mar 05, 2010 1:21 am
by normalicy
That's what I mean. There needs to be a global agenda to stop these thieves.