Botnets: The New Threat Landscape
By Cisco Systems
Published December 2007; Posted January 2008
A botnet is an army of compromised machines, also known as "zombies," that are under the command and control of a single "botmaster." The rise of consumer broadband has greatly increased the power of botnets to launch crippling denial of service (DoS) attacks on servers, infect millions of computers with spyware and other malicious code, steal identity data, send out vast quantities of spam, and engage in click fraud, blackmail, and extortion.
Botnets are the primary security threat on the Internet today. It is easy to commission botnet attack services, and hackers are quicker than ever to exploit new vulnerabilities. Tens of thousands of machines are typically part of a single botnet. Botnets are hard to detect because they are highly dynamic in nature, adapting their behavior to evade the most common security defenses.
IT security teams must prevent corporate devices from becoming part of a botnet and protect corporate resources from botnet attacks. This white paper discusses the typical lifecycle of a botnet, the damage caused by botnet attacks, and the most effective detection and mitigation techniques. It then discusses solutions available through Cisco®.