Hello from Virus Bulletin 2011! Several talks this morning were very good, and an unusual topic about DDoS in the east was presented early in the afternoon.
Over 40 families of Chinese DDoS bots were identified by Arbor Networks and have been tracked over the past year. Online occurance of the malware itself is increasing. A ton of these families are cropping up all the time, at least a new one every week appears with an unusual new capability. When these botnets are used to DDoS an online presence, often it is difficult to understand or even speculate what the motivation behind the attack may be. Most of the code base is shared, cobbled together, and generally was thrown together by inexperienced writers.
Arbor writes and maintains "fake bot" monitors to log data and activity of these botnets and build up a better picture of attacks and profile of groups. One of these familes represents the "typical" Chinese DDoS bot: darkshell is a great example of the rudimentary and simple level of network traffic obfuscation, but it's as sophisticated as it gets for these families.
nod32 full download full nod32 download est nod32 serial 64 bit nod32
Hiç yorum yok:
Yorum Gönder