Total Pageviews

►Are You under BOTNET Attack

Posted by sooraj chandran on Tuesday, 19 July 2011


The Application of "Botnets" is known as the GOD tool of the cyber criminals, as it provides the possibility of large-scale attacks from all infected systems, anonymously. 
A botnet is a network of computers infected by malicious code being controlled by an attacker, have their resources to work together and distributed.
When a computer has been affected by "bot malware" type is said to be a robot or zombie computer. By controlling the system remotely (in whole or in part), botnet owners can access them to perform various malicious tasks such as spam, conducting attacks distributed denial of service (DDoS), the file hosting for web sites (pornography, pedophile, warez, cracks, phishing sites, etc..), distribution and installation of new malware and abuse of online advertising. With my advance study and research upon the working of this deadly xploit,i have derived few ways and strategies for the Computer Users,to detect whether their system is Vulnerable to a "Botnet Attack" or is already "infected" to this! Apart from this i hv also mentioned few feasible ways upon how to cope back with this attack process(application download links given in the article),and regain the system stability!the complete concept is elaborated in the below given tutorial,i shall say that it sd b a MUST read for all the members on hackncrack members
SYmptoms Of AN Botnet Attack
1. The fan starts at full speed when the computer is idle: This may indicate that a program is running without the user's knowledge and that you are using a considerable amount of resources. Of course, this could also be caused by the installation of Microsoft updates, for example. Another problem that can cause the fan to work is too much dirt in your computer or a failing CPU fan.
2. The computer takes a long time to shut down, or not done correctly: Often the malware has errors that can cause a variety of symptoms, including shutting down the system very long or directly fails. Unfortunately, operating system errors or conflicts with legitimate programs can also cause the same symptom.
3. Observations in Facebook wall that has not sent: There are some other reasons other than the malware and unauthorized access to the account to bring up this issue. If you see that happens, you definitely need to change your password and make sure the system is not infected. The ideal is to make sure the computer has no malware before changing the password and not use the Facebook code on different sites.
4. Applications are going very slow: This may be because they are hidden programs using a large amount of computer resources. But it could also be caused by other problems.
5. Can not download operating system updates: This is a symptom that can not be ignored. Even if it is being caused by a bot or other malware, if not keep security patches up to date the system is infected. 6. Can not download antivirus updates or visit websites of suppliers: Malware often tries to avoid antivirus or security solutions are installed or executed. The failure to update antivirus or visit the manufacturer's website is a very strong indicator of the presence of malicious code. 7. Internet access is very slow: If a bot is running on the system, for example, sending large amounts of spam, an attack against other computers or upload / download large amounts of data, can cause Internet access is very slow. 8. Friends and family have received emails that you hvn't sent: This may be a sign of a bot or other malware, or your web mail account has been compromised by an attacker. 9. Open pop-ups and ads, even when not using a web browser: While this is a classic sign of adware, bots can install this malware on your computer. You definitely have to address this problem. 10. The Windows Task Manager shows programs with strange names and descriptions: Use Task Manager requires some skill and research. Sometimes legitimate software can use foreign names. An entry in the Task Manager is not sufficient to identify a program as harmful. While it can help you find malware, additional steps must be performed to validate the results. Remove processes, files or registry entries only on suspicion is a bot or other malware, can result in the team even starts. Be very careful to make assumptions and take action on them. Although these signals can also be indicators of other types of malicious code are relevant signs warning about the possible infection of the team. To confirm whether this is a botnet, it is advisable to scan the computer with an antivirus. In the case of Eset NOD32 Antivirus, Win32/Spy.Zbot detections, IRC / SdBot and Win32/AutoRun.IRCBot, among others, indicate the presence of bot malware type. Are you part of a botnet? The way to turn himself into a zombie PC are varied, but almost all involve the execution of malicious code inadvertently, especially on computers that have not applied the latest security patches. Some of the most common forms of infection are: * Patches or cracks for checking out commercial programs * Malware hidden in Java, ActiveX controls or accidental discharges * Trojan (fake antivirus and P2P applications) * Virus in email attachments * Worms that use no firewall connections To carry out their attacks, botnets require always-on computers and free Internet access, so infections are difficult to detect. ESET antivirus company has compiled a list of symptoms (similar to Microsoft), if your situation matches the one described, it is possible that your PC is a zombie. * The computer operates without human intervention * Problems shutting down or off defective * Unusual slowness while browsing and sending emails * Decrease significant performance * Failure to update the antivirus * Appearance of strange messages After infection, very discreet, hidden process remains pending orders of the "shepherd" the villain behind the zombie network. His command can only be achieved if the machine is turned on, connected and no firewall involved. Programs like TCPView or CurrPorts(http://www.nirsoft.net/utils/cports.html) help you discover hidden processes that are using the Internet, one of them could be the virus. Another great diagnostic tool-is-BotHunter advanced, specialized in the detection of botnets and available for Windows, Mac and Linux. The killer bots: RUBotted(http://free.antivirus.com/rubotted/) Sometimes a standard antivirus is not enough to free the computer from the state of slavery, although its activation and updates, and use a firewall (for example, included in Windows) are strongly recommended preventive measures. If you want a specific vaccine, Trend Micro RUBotted test. RUBotted controls network activity and running processes looking for suspicious patterns. In case of detecting malicious activity, alerts the user and offers options for disposal. Among the alternatives are RUBotted Removal Tool Microsoft Malicious Software and other free vaccines. The complete tutorial ends here,it is advisable to download the above mentioned application from the download link given,it took a lot of hard efforts to prepare this article,hope this helps! 


{ 1 comments... read them below or add one }

Kundan Singh said...

videocon Recharge Rs.83 ,get Talktime Rs. 63 & 10 Local V2V Mins. Mins Valid for 28 days.

Post a Comment