Bot nets are one of the most common forms of compromise on the Internet today. Bot networks grew out of the explosion of home and user systems and the common availability of high speed Internet connections. Basically, they are little more than systems that attackers have compromised and put under their control that use some type of mechanism to get new tasks or commands and report their results.
Mostly, bot infected computers are home systems that attackers often use for scanning other systems, sending spam or performing other illicit activities. Often, the controller of the bot systems will rent or sell the bot services to others. No matter if they use the systems themselves, or sell their services – usually the master is after one thing, MONEY.
That’s right. They make money from the illicit use of YOUR system, if it belongs to a bot network. They use your hardware and your bandwidth, and they receive the returns. Even worse, if your system would be used in a serious crime, there may be criminal and civil penalties for YOU. While case law continues to grow on this, it appears there may be some capability for some victims of the bot net to come back at you for failing to adequately protect your system – which ultimately caused them damage.
So, the big question is – how do home users protect themselves from bot infections and the other issues associated with them? Primarily, they do by following this advice:
- Ensure that your computer has a firewall and anti-virus at all times. Make sure the firewall is engaged and that the anti-virus software is up to date.
- Keep your computer current on patches. Turn on the auto-update capabilities of the operating system and make sure you patch your applications if they have available update mechanisms as well. This is a lot like safe sex in that failure to be safe even once can have long term implications on your security.
- Consider using a browser that is somewhat hardened or hardening your browser. There are a ton of browsers out there, and a ton of tools for hardening the common ones. Check them out and make sure your browsing tools are protecting you against attack. Don’t use default installs of IE or FireFox – configure them for higher protections, if at all possible.
- Consider other security tools and mechanisms. You need spyware tools and other security mechanisms if you travel. Spend some time reading about mobile security and apply what you can to your life.
- If in doubt, rebuild your system. THIS IS CRITICAL – there are simply some things that can be done to a computer that impact the long term security of it. If you have doubts about your system’s security – rebuild it and protect it from the start. If you know you have an infection or problem – backup your critical data and rebuild. It is much easier than most other solutions.
Take these steps and some basic vigilance and apply them to your computing experience. Bot nets will continue to be a primary threat to Internet users, but being smart about them and aware of the defenses makes you less likely to be a victim.