Defeating IRC bots on the internal network

2007-02-01

Vinoo Thomas

McAfee Avert Labs, India

Nitin Jyoti

McAfee Avert Labs, India
Editor: Helen Martin

Abstract

Fuelled by financial incentives and readily available source code, malware authors pursue aggressively the development of newer bot modules and the exploitation of code into these bots. Vinoo Thomas and Nitin Jyoti describe how an IRC honeypot can be used to provide an early warning system for botnet activity.


The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

Malware Prevalence
Autorun |#######|
Encrypted/Obfuscated |#####|
Heuristic/generic |#####|
Sality |####|
Zbot |####|
 View this month's full report

Virus Bulletin currently has 224,243 registered users.