Hakin9 kicked out another Extra issue this one devoted to Botnets. It covers some basic overviews on botnets and a few articles covering some more technical aspects of botnets. If you are newcomer to botnets then this issue is the one to read and if you are simply looking for a couple technical articles on botnets then the first two articles are an awesome source.
The first article, titled “A study of a Botnet creation process and the impact of a DDos attack against a web server” is about the bot BlackEnergy and all of its functions. It was a pretty interesting read on BlackEnergy, it’s functions and configs. It covers the bot’s capabilities and then discusses a load test (aka a BlackEnergy attack) against a web server. While load tests are never the perfect replica of an environment the results are still note worthy and easily show the results of a BlackEnergy attack.
The next article, “Zeus Botnet” goes over how to build and configure Zeus. I haven’t ever had the chance to build Zeus but after reading this I should really play with some the code some. It was an extremely interesting overview on the packaging of Zeus.
The following article is a short article on Bots that are abusing VoIP and DTMF tones. It doesn’t go into any large detail about these specific botnets and their VoIP control but it introduces the user to another medium bots are being herded.
The next article, “BotNet, the Right Hand of the Criminals” is an introduction to what botnets are. If you are new to the topic I suggest reading this article prior to any of the others. It was a really nice overview on common botnet procedures, including a fair amount of common botnet statistics. It was an easy very high level read and the perfect nontechnical introduction for a beginner.
Botnets for fun and profit (man, the title never gets old) is another overview of botnets but on a little more of a technical view. Once again it was a high level overview but with a tad more technical aspects.
The next article, “Social Networking and Security Risks” is exactly about exactly what the title states. While a lot of the suggestions, tips and information might seem like commonsense pieces of information unfortunately the truth is most people don’t follow these simple rules and suggestions. If you are looking for an article to help you explain a lot of these types of risks out there this article can help.
“What is a botnet”, is another 10k view of a botnet overview. I am not saying tiwas a bad article at all but if you take in all 3 botnet overview articles and the top two technical articles you will have a pretty nice understanding of how some commonplace botnets work, giving you a good not overly technical overview of botnets.
The last article, “Top 10 iPhone Security Tips” is a really nice article on properly securing your iphone. Of course there are usually 300 different ways to achieve something but this overview does a terrific job detailing a lot of good security steps for your iphone and what I would consider an absolute must read for all you iphone users. While this article isn’t botnet related it is probably my top pick for this issue because the information in the article is completely laid out for the user and is one of those things that can save you some time from mucking around the phone or forums looking for the proper actions to perform when securing your device.