Shutting Down Botnets
Unless you have been hiding under a rock or on a walkabout in the Australian outback for the past year or so, you have probably seen the terms bot or botnet a number of times. A "bot", sometimes referred to as a "zombie", is a computer that has been infected or compromised with a bot utility. A botnet is the term used to describe the collection of compromised bots that an attacker can assemble and use for malicious means. Some estimates claim that there may be over 100 million compromised computers lying dormant and waiting to be used in an attack of some sort. It was recently estimated that the Storm worm alone has amassed a large enough botnet that the combined computing power can out-compute any supercomputer in existence. Bots are also blamed for a majority of the spam traffic. In a nutshell, bots are one of the larger threats to Internet security right now. The question is, who's job is it to stop them? Should an ISP, such as Comcast, be responsible for monitoring their network for bot activity and taking action to eradicate the bots, or is their job simply to provide a pipeline? An article in The Register examines this question. Should ISP's be responsible for policing their own networks? If not "responsible", should they at least be willing to engage and take action when an issue is brought to their attention? Or, can the ISP claim they just connect point A to point B and wash away any burden for what happens in between?
Source:
http://netsecurity.about.com/b/a/256895.htm
Comments