Researchers infiltrate denial of service networks
Source: ZDNet Australia
Security researchers have been infiltrating denial of service 'botnets' in order to study a remarkably affective Distributed Denial of Service (DDoS) technique.
As a part of his work for the Honeynet Research Alliance, Bill McCarty, an associate professor of Web and information technology at Azusa Pacific University in Southern California, deployed a series of vulnerable Windows based systems on the Internet. These "honeypots" were compromised by Internet worms and malicious hackers over and over, and led McCarty on a whirlwind tour through a series of sophisticated DDoS networks, one after the other.
"You put up a honeypot and it gets knocked over... again and again and again," he told ZDNet Australia.
Once his honeypot had been compromised, it joined what’s called a botnet, or bot network. These networks are used by malicious hackers to conduct denial of service attacks by issuing single commands to huge numbers of systems through internet relay chat commands.
A program "dropped" on to the infected host connects to a chat server as any normal chat program would. Once it is connected it joins a pre-defined chat channel and listens for instructions. It is not unheard of to see channels with up to 100,000 slave computers in them.