Questions tagged [botnet]

A botnet is a collection of computers that are under the control of a person or group, usually facilitated by malware. These computers are often used to take part in DDoS attacks and spamming.

162 questions
0 votes, 1 answer

Why do DDoS attacks spoof DNS source IPs?

Recently, a lot of my friends have been talking about botnets. They said they've created their own. Obviously, I know this is all illegal so I try not to take part in any of it. But I've been wondering how they work. I've read some articles…
Hackermon
0 votes, 1 answer

Can Mirai scan reach devices behind routers?

I recently saw this article of a version of Mirai being spread to Android based devices via ADB enabled. My question relates to how Mirai does scanning. Let's assume I have an Android based device (like tablet or smart TV) in my home behind a router.…
Jake
0 votes, 1 answer

Can't free proxies be used to create a botnet?

I recently learned that there are plenty of services on the internet that offer/list free public proxies (freeproxylists.net, hidemyass.com, proxyscrape.com to name a few). Is this safe? Can't an attacker easily connect to multiple of these free…
Guy4444
0 votes, 0 answers

DDoS in form of bad bots?

Recently, one of my servers came under attack by DDoSing it. After inspection of access logs, I can only find one common denominator: Referrer. All of the requests come with (I assume) fake…
0 votes, 1 answer

Using opensource C2 dangers

I've been playing around with some of the C2's available at GitHub that I've found at https://www.thec2matrix.com/matrix. It's cool to play around with tons of Linux machines I own and send them commands and retrieve stats out of them with custom…
Napal
0 votes, 1 answer

Malicious IP addresses

I am looking for updated lists of IP addresses that belong to malware's C&C, botnets, malicious scanners, or other sort of malicious activities. Is there any public database of malicious IP addresses?
MOH
0 votes, 1 answer

How does the server-client scheme work in a botnet?

I am having trouble wrapping my head around the idea on how a server-client botnet structure actually works. Let's say that the server is A, and the client is B. We know A is listening always on port 1000, and A is the infected machine. We know B…
ABC
0 votes, 1 answer

Monitor incoming TCP/UDP flood attack and graph it

I'm preparing a presentation on a security issue and want to include a demonstration. It won't be in real time, I just need to show some pictures of the results. I have some VPSes that will perform a TCP or UDP flood attack simultaneously on another…
Ion
0 votes, 1 answer

Are emails from the Necurs bot net DKIM and/or SPF signed?

As the question's title already asks: Are emails sent by Necurs DKIM and/or SPF signed? Or are they unsigned and simply spoofed?
0 votes, 1 answer

Finding/Predicting BotNet Generated Domains Without DGA Knowledge

I will pose an academic perspective in my question, but I welcome any and every observation. So a botnet would generate 1000s of domain/day and an actual attacker will register a few, which will be used with a certain probability. Point is, given a…
Jishan
0 votes, 2 answers

How Mirai scans or find targets

I read some articles about the Mirai botnet. I can't understand how Mirai scans/finds IoT devices. Does Mirai scan the entire public IP range with an open telnet port and try to log in?
Danny
0 votes, 2 answers

Where to find current, live botnet executable clients

I've been able to find readily available botnet source code online however I'm currently working on my university research project and require access to an actual botnet client which encompasses DGA's (Domain Generation Algorithms) and is live (the…
0 votes, 2 answers

Command and Control Infrastructure

This is an academic question, I googled a lot but couldn't find suitable answers for this question: What are the different Command & Control infrastructures (Botnets) & what are the countermeasures? Any help is much appreciated.
Jishan
0 votes, 1 answer

Which is better: detecting spam at receiver or source?

Background I researched a detection of spam sent out using bots. After studying different techniques used by bots to deliver spam, I have no generalised solution to detect spamming at the source network (where bots are residing) in different…
user10012
0 votes, 2 answers

Spam mails originating from botnet

Background I am working on spam detection at the receiver side, i.e. where all mails are delivered, i.e. at the mailserver side. Spammers are capable of sending spam mails through bots, open relays and many other sources. Query Is there any way/method to…
user10012