News
RSA: Botnet Fight Goes On
Botnet hunters find that, despite efforts to smoke the botnet underground out, Operation Bot Roast has done little to improve the overall botnet problem.
By Robert McMillan, IDG News Service (San Francisco Bureau)
In total, the botnets tracked by SecureWorks can send out more than 100 billion messages per day. These networks use Web-based templates, offering infected machines to the highest bidder as an easy software-as-a-service product.
So how to stop the problem? One panelist had an idea that may not sit well with everyone: Internet Service Providers should knock users off the network unless their patches are up-to-date. Because most botnet attacks target known software bugs, having your patches up-to-date, especially for popular products like Internet Explorer, Firefox, WinZip, and QuickTime, can make a real difference.
The only drawback: a good chunk of the Internet population would be knocked offline until they patched.
Still, maybe it's a fair thing to do because these people are harming others, according to Ira Winkler, president of the Internet Security Advisors Group, a security consultancy.
Often victims who have been infected with botnet code, don't even realize that the malware is on their system, he said. It's other computer users who must bear the brunt of the problem when the botnet network spams or launches a denial of service attack against them.
"We need home users to be responsible," he said. "Yes blame the users... because they present an imminent danger to others."
botnet
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Log Management in a Cyber World
- Implementing Best Practices for Web 2.0 Security
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
