Penetration Testing mailing list archives

Re: Botnets

From: Laurens Vets <laurens () daemon be>
Date: Fri, 27 Mar 2009 09:05:49 +0100

Hello Munyaradzi,

Can someone please explain to me how botnets use IRC? I want to make a
presentation to my group demonstrating this in my lab which comprises
of 4 winxp boxes. Unpatched. How are commands issued via IRC?

Simply put, as soon as your pc is infected, it will open an IRCconnection to some IRC server just like a real life person would do...

One example of how this happens can be read here:http://www.honeynet.org/node/54

Do a search for "tracking botnets" on Google and you'll see lots ofpapers and articles about how bots communicate which each other.


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online penetration testing courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need as well: CEH, CPT, CEPT, ECSA, LPT.

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------

Current thread:

Botnets M.D.Mufambisi (Mar 26)
- Re: Botnets Aarón Mizrachi (Mar 30)
- Re: Botnets sr. (Mar 30)
- Re: Botnets Laurens Vets (Mar 30)
- Re: Botnets the.soylent (Mar 30)
- Re: Botnets Wasim Halani (Mar 30)
- RE: Botnets Dishman, James L (Mar 30)
  - Re: Botnets M.D.Mufambisi (Mar 30)