Talk:Botnet hosting

From Spamwiki

Needs cross-referencing to hijacked host, with similarities and differences (if any) explained.

Purists would argue that without a Common Command and Control (CC&C) structure, a set of compromised machines is not strictly a botnet. That is in the Wikipedia definition too - http://en.wikipedia.org/wiki/Botnet

They would call it a set of compromised machines being used for a common purpose.

Wikipedia quote: While the term "botnet" can be used to refer to any group of bots, such as IRC bots, the word is generally used to refer to a collection of compromised computers (called zombie computers) running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure. A botnet's originator (aka "bot herder") can control the group remotely, usually through a means such as IRC, and usually for nefarious purposes. Individual programs manifest as IRC "bots". Often the command and control takes place via an IRC server or a specific channel on a public IRC network. A bot typically runs hidden, and complies with the RFC 1459 (IRC) standard. Generally, the perpetrator of the botnet has compromised a series of systems using various tools (exploits, buffer overflows, as well as others; see also RPC). Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community. end quote

Is it known that the round-robin set of compromised hosts are CC&C controlled? --MarkGiles 23:58, 2 June 2007 (CEST)