book

Botnets

by Craig Schiller, James R. Binkley, Michael Cross, Gadi Evron, Anthony Bradley, David Harley, Chris Ries, Carsten Willems

April 2011

Beginner to intermediate

480 pages

11h 18m

English

Syngress

Read now

Unlock full access

Cover image
Title page
Table of Contents
VISIT US AT
Copyright
Acknowledgments
Lead Authors and Technical Editors
Contributors
Chapter 1: Botnets: A Call to Action
IntroductionThe Killer Web AppHow Big Is the Problem?The Industry RespondsSummarySolutions Fast Track
Chapter 2: Botnets Overview
What Is a Botnet?The Botnet Life CycleWhat Does a Botnet Do?Botnet EconomicsSummarySolutions Fast Track

Chapter 3: Alternative Botnet C&Cs
Introduction: Why Are There Alternative C&Cs?Historical C&C Technology as a Road MapDNS and C&C TechnologyAlternative Control ChannelsWeb-Based C&C ServersSummarySolutions Fast Track
Chapter 4: Common Botnets
IntroductionSDBotRBotAgobotSpybotMytobSummarySolutions Fast Track
Chapter 5: Botnet Detection: Tools and Techniques
IntroductionAbuseNetwork Infrastructure: Tools and TechniquesIntrusion DetectionDarknets, Honeypots, and Other SnaresForensics Techniques and Tools for Botnet DetectionFirewall LogsAntivirus Software LogsSummarySolutions Fast TrackForensics Techniques and Tools for Botnet Detection
Chapter 6: Ourmon: Overview and Installation
IntroductionCase Studies: Things That Go Bump in the NightHow Ourmon WorksInstallation of OurmonSummarySolutions Fast Track
Chapter 7: Ourmon: Anomaly Detection Tools
IntroductionThe Ourmon Web InterfaceA Little TheoryTCP Anomaly DetectionUDP Anomaly DetectionDetecting E-mail AnomaliesSummarySolutions Fast Track
Chapter 8: IRC and Botnets
IntroductionUnderstanding the IRC ProtocolOurmon’s RRDTOOL Statistics and IRC ReportsDetecting an IRC Client BotnetDetecting an IRC Botnet ServerSummarySolutions Fast Track
Chapter 9: Advanced Ourmon Techniques
IntroductionAutomated Packet CaptureOurmon Event LogTricks for Searching the Ourmon LogsSniffing IRC MessagesOptimizing the SystemSummarySolutions Fast Track
Chapter 10: Using Sandbox Tools for Botnets
IntroductionDescribing CWSandboxExamining a Sample Analysis ReportInterpreting an Analysis ReportBot-Related Findings of Our Live SandboxSummarySolutions Fast TrackNotes
Chapter 11: Intelligence Resources
IntroductionIdentifying the Information an Enterprise/University Should Try to GatherPlaces/Organizations Where Public Information Can Be FoundMembership Organizations and How to QualifyConfidentiality AgreementsWhat to Do with the Information When You Get ItThe Role of Intelligence Sources in Aggregating Enough Information to Make Law Enforcement Involvement PracticalSummarySolutions Fast Track
Chapter 12: Responding to Botnets
IntroductionGiving Up Is Not an OptionWhy Do We Have This Problem?What Is to Be Done?A Call to ArmsSummarySolutions Fast Track
FSTC Phishing Solutions Categories
Index

Overview

The book begins with real world cases of botnet attacks to underscore the need for action. Next the book will explain botnet fundamentals using real world examples. These chapters will cover what they are, how they operate, and the environment and technology that makes them possible. The following chapters will analyze botnets for opportunities to detect, track, and remove them. Then the book will describe intelligence gathering efforts and results obtained to date. Public domain tools like OurMon, developed by Jim Binkley of Portland State University, will be described in detail along with discussions of other tools and resources that are useful in the fight against Botnets.

This is the first book to explain the newest internet threat - Botnets, zombie armies, bot herders, what is being done, and what you can do to protect your enterprise
Botnets are the most complicated and difficult threat the hacker world has unleashed - read how to protect yourself

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781597491358

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills