What is a BotNet?

Botnets are software robots. The term is used to refer to a collection of autonomous software robots that are frequently referred by the term bots. These software robots run on groups of ‘zombie’ computers that are remotely controlled by crackers. The term can also refer to the network of computers using distributed computing software.
Although the term ‘botnet’ can refer to a group of software robots such as the IRC bots, it is generally used to refer to a collection of computers (called zombie computers) whose security has been compromised and which are used for running malicious programs such as Trojan horses, viruses, worms etc. under a common command and control infrastructure. A botnet's originator, also referred to as the ‘bot herder’ can exercise remote control over the group of computer systems, usually through means such as the Internet Relay Chat (IRC).

Individual programs manifest themselves as IRC ‘bots’. Quite often, the command and control is exercised via an IRC server or a specific channel on a public IRC network. Newer bots have the capability to automatically scan their environment and propagate themselves using vulnerabilities such as weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community. The process of stealing computing resources as a result of a system being joined to a ‘botnet’ is given a unique name called ‘scrumping’.

Although hidden, Botnets have become a significant part of the Internet. Since a majority of the conventional IRC networks are taking preventive measures and blocking access to the previously-hosted botnets, the bonet controllers continuously strive to find their own servers. Often, a botnet spans a variety of connections ranging from cable, dial-up, ADSL and a variety of different types of networks including corporate, educational government and even the military networks.
Of late, several botnets have been found and removed from the Internet.

Internationally coordinated large scale efforts to shut down botnets have also been initiated around the globe. Despite all these efforts, it has been estimated that up to a quarter of all personal computers connected to the internet are part of some botnet.


Emmanuel Aigbehi