Defeating IRC bots on the internal network

2007-02-01

Vinoo Thomas

McAfee Avert Labs, India

Nitin Jyoti

McAfee Avert Labs, India

Editor: Helen Martin

Abstract

Fuelled by financial incentives and readily available source code, malware authors pursue aggressively the development of newer bot modules and the exploitation of code into these bots. Vinoo Thomas and Nitin Jyoti describe how an IRC honeypot can be used to provide an early warning system for botnet activity.

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Magazine


	February 2007 PDF Please register to download the PDF Comment The malware epidemic News Vista security concerns VB100 news Microsoft steals market share Malware prevalence report December 2006 Analysis Cain and Abul Features Defeating IRC bots on the internal network Web server botnets and hosting farms as attack platforms Call for papers VB2007 Vienna Comparative review VB comparative review: Microsoft Windows Vista Business Edition (32-bit) Spam Bulletin Upcoming events OSBF-Lua See also Virus Bulletin archives How to become a subscriber Reprints

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

Malware Prevalence

Autorun
Encrypted/Obfuscated
Heuristic/generic
Sality
Zbot

View this month's full report

Virus Bulletin currently has 224,243 registered users.

Fighting malware and spam

Defeating IRC bots on the internal network

Vinoo Thomas

Nitin Jyoti

PDF

Comment

News

Malware prevalence report

Analysis

Features

Call for papers

Comparative review

Spam Bulletin

See also