What are Bots, BotNets and why are they a concern?
“Bots” are programs used to accomplish a purpose. In common usage, a computer “bot” is generally a program used for a nefarious or illegal purpose. These “bots” can be used to send spam mail, spread a virus, gather information, or even attack other computer systems. These bots can enter your system in many different ways (see our hints and tips for information on how to protect yourself).
A “botnet” is a network of systems infected with a “Bot” and controlled from one central Command and Control location.
Using a botnet, an attacker can accomplish a variety of goals and mask his/her identity while doing so. Imagine a zombie army of computers unwittingly doing an evil hacker’s bidding. By compromising huge networks, a single attacker can control hundreds of thousands of computers from a single location. In effect, the bots carry out commands or instructions sent out by the “bot herder” and in many cases, the rightful owners of the computers are never aware that they are infected. Even worse, each system the bot controls attempts to gain control over other systems, exponentially increasing the size of the botnet.
Current statistics vary as to the extent of infected networks. Estimates range from 1.5 million to 50 million systems. In recent weeks, several criminal hackers have been convicted of running widespread botnets of up to 100,000 machines. However, it is rare that these hackers are caught and prosecuted.
Below are some hints and tips to help you secure your computers and your network. There are also links to more information and sites you can access to help update your systems.
- Patch your system – Keep your system up to date with the latest patches and hotfixes. All Microsoft Operating Systems have built-in “Windows Updates” to connect to Microsoft’s current patches and fixes. As vulnerabilities are identified and repaired, Microsoft releases updates. Apple also provides this free service as part of their Operating System and on the web, and most Linux vulnerabilities are documented as they are discovered.
- Run Antivirus/Antispyware software and keep it updated – Most commercially available antivirus solutions now monitor and disable bot attacks and infections. It is essential that you keep Antivirus software running on all systems that interact with any other computer system and that the virus definitions are kept current. An antivirus solution with outdated definitions is as bad as no antivirus at all. Be sure to get this software from a reputable source that you are familiar with. As sneaky as it sounds, some spyware disguises itself as software trying to “help” you fix an infected system. Be suspicious of pop-ups and emails offering free scans and fixes for your system.
- Use a Firewall – Implement a software or hardware firewall to block unwanted traffic from entering or leaving your network. Blocking unwanted traffic on its way out matters as much as blocking it on its way in. By opening only the ports you need, you can better prevent a hacker from using open ports to access and control your system.
- Don’t install software from untrusted sources – One of the most widespread distribution methods for bots is adding them to pirated copies of software, movies, or music on Internet sharing sites. As always, consider the source and don’t assume that a program or file is not infected unless you’re getting it from a legitimate provider. Many copies of “cracked” software or music files on P2P (Peer to Peer) sharing networks carry hidden bot files or rootkits.
- Ask for help – Don’t be afraid to ask for help if you need it. There are many sources of information available and professionals who you can contact to set your network up correctly if you don’t feel capable yourself.
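To illustrate the firewall tip above (open only the ports you need, in both directions), here is an added example, not part of the original article, that audits outbound connection records against an allowlist and reports which internal machines are sending traffic a default-deny outbound rule would block. The log format, the allowlisted ports and all addresses are assumptions constructed for the example.

```python
"""Audit outbound connections against an egress allowlist (added example)."""
from collections import defaultdict

# Assumed policy: the only outbound (protocol, port) pairs this network needs.
ALLOWED_EGRESS = {("tcp", 80), ("tcp", 443), ("udp", 53), ("udp", 123)}

# Constructed sample log; assumed format: "src_ip dst_ip proto dst_port".
SAMPLE_LOG = """\
192.168.1.10 203.0.113.5 tcp 443
192.168.1.10 198.51.100.7 udp 53
192.168.1.23 203.0.113.99 tcp 6667
192.168.1.23 203.0.113.99 tcp 6667
192.168.1.23 198.51.100.20 tcp 25
192.168.1.42 203.0.113.5 tcp 80
malformed line
"""


def parse_line(line):
    """Return (src, dst, proto, port), or None if the line is not a valid record."""
    parts = line.split()
    if len(parts) != 4 or not parts[3].isdigit():
        return None
    src, dst, proto, port = parts[0], parts[1], parts[2].lower(), int(parts[3])
    if not 0 < port <= 65535:
        return None
    return src, dst, proto, port


def audit_egress(log_text, allowed=ALLOWED_EGRESS):
    """Map each internal host to the outbound flows the allowlist would block."""
    blocked = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue  # skip lines that are not connection records
        src, dst, proto, port = record
        if (proto, port) not in allowed:
            blocked[src][(dst, proto, port)] += 1
    return {src: dict(flows) for src, flows in blocked.items()}


if __name__ == "__main__":
    for src, flows in sorted(audit_egress(SAMPLE_LOG).items()):
        for (dst, proto, port), count in sorted(flows.items()):
            print(f"{src} -> {dst} {proto}/{port} x{count}: blocked by policy")
```

A workstation that repeatedly shows up in this report, for example one sending mail directly on port 25 when it has no reason to, is a machine worth scanning for a bot infection.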
Do you have more questions or need help protecting your computers? Contact the support professionals at TechGuides for answers and solutions to your technical problems, or call us at 610-541-6715.