Microsoft Office Word 2003: Comprehensive Concepts and Techniques, CourseCa
Author: Gary B Shelly
For the past three decades, the Shelly Cashman Series® has effectively introduced computers to millions of students, consistently providing the highest quality, most up-to-date, and innovative materials in computer education. Enjoy the proven step-by-step style and improved office 2003 updates of the Shelly Cashman Series® Word 2003 textbook to enhance your Office application skills today!
Interesting textbook: Cafe Food at Home or Chicken Etc
Malicious Bots: An Inside Look Into the Cyber-Criminal Underground of the Internet
Author: Ken Dunham
Originally designed to sabotage or annihilate websites, computerized "Bots" are increasingly used in mass spamming events, fraud, extortion, identity theft, and software theft. Once they are loose on the Internet there is no controlling the harm they can inflict. With more than 26 years of information security experience between them, Dunham and Melnick provide a much needed a resource for understanding the scope, sophistication, and criminal uses of bots and how to more proactively protect against them. They examine the top bot attacks against financial and government networks over the last four years and reveal the who, how, and why behind them.
Table of Contents:
Preface ixAcknowledgments and Permissions xi
About the Authors xiii
Introduction to Bots 1
Thr34t Security Krew and the TK Worm 7
The Investigation of the Thr34t Krew Lance Mueller 9
First DYNDNS Account (BestIce) 12
Second DYNDNS Account (Phreeze) 16
Third DYNDNS Account (D00M) 19
Seth Fogie 21
Help with Additional Technical Details 23
A Trip Across the Pond 23
Sitexec 25
DiSice 26
XaNiTH 28
Sitexec 30
Second Search Warrant Sweep 30
Jadaka 30
Mr40 31
Thr34t Krew Investigation: Concluding Comments 31
Demonstration: How a Hacker Launches a Botnet Attack 33
Step 1: Find, Modify, and Build a Bot 33
Step 2: Customize the Binary for Attack 35
Step 3: Launch the Attack 37
Step 4: Managing the Botherd 37
Step 5: Payloads, with an Emphasis on "Pay" 39
Introduction to the Use of Botnets in Criminal Activity 41
Timeline 41
Bots: A Pathway to Criminalization of the Information Age 44
Bots: The Integrated Business Solution for Criminals 45
"Botmasters" Who Were Caught 46
International Botnet Task Force Conferences 47
Operation "Bot Roast" I and II 47
How Big Do Botnets Need to Be to Pose a Serious Threat? 48
Peering Inside the IRC Botnet 50
Post-IRC-Based Bots 50
Botnet Attack Statistics 52
Botnet Features and the Criminal Enterprise 54
A Modular Approach to Botnets: A Major Aid to Criminals 54
Granular Spreading Capabilities 55
A "Service Bot" 55
The Degradation Feature of Botnets and Its Impact on Criminal Activity 56
Botherds Through the Eyes of a Criminal Mind 57
Criminal Vectors Utilizing Bots 57
Theft of Sensitive Information 57
DDoS Attacks and Extortion 58
Bot for Rent or Hire 60
Spam 63
Spam Bots and Criminalization 65
Pump-and-Dump Fraud 66
Covert Communications 67
Click Fraud and Affiliate Abuse 68
Adware Abuse 69
Taking Out the Competition 70
Botnets and the eCrime Cycle: The iSIGHT Partners' Approach 71
Technical Introduction to Bots 75
Common Ports 75
Command and Control Strategies 76
IRC C&C 76
Peer-to-Peer C&C 79
Web-Based C&C 80
Use of Encryption or Obfuscation 84
Types of Distributed Denial of Service (DDoS) Attacks 85
Introduction to Selected Bots 86
AgoBot 89
SDBot 91
PhatBot 96
The Infamous Hang-UP Team and IRC-Based Fraud Operations 98
Reptile 101
ZoTob 102
PBot 103
Tsunami 105
Kelvir 106
MetaFisher 107
Storm 113
Mitigation 123
Concluding Thoughts 125
USA Today: Botnets Used for Blackmail in Cyber Extortions 125
The Kraken Botnet 126
A Botnet That Targets .edu and .mil Servers 126
"Poisoning" the Storm Botnet 126
The Battle Is Joined! 127
The "Cyber Parasites" of the Internet 127
On the Edge of a Precipice 128
Glossary 131
Bibliography 135
Index 145
No comments:
Post a Comment