What a Botnet Looks Like 122
Esther Schindler writes "CSO has an annotated, zoomable map of real botnet topologies showing the interconnections between the compromised computers and the command-and-control systems that direct them. The map is based on work by security researcher David Voreland; it has interactive controls so you can zoom in and explore botnets' inner workings. Hackers use botnets for spamming, DDoS attacks and identity theft. One recent example is the Storm botnet, which may have comprised 1 million or more zombie systems at its peak. As with any networking challenge, there are good (resilient) designs and some not-so-good ones. In some cases the topology may be indicative of a particular botnet's purpose, or of a herder on the run."
I, for one.. (Score:5, Insightful)
Re:Check out the losers (Score:5, Insightful)
I do know what those users think, and it's very much like you posited: "My computer has become unusably slow, and I don't know why or how to fix it!" Unfortunately that was followed by, "Aunt Esther, can you tell me what's wrong?"—and thus I spent half a day killing enough of the junk that I could install a firewall, antivirus, etc.
People like my nephew aren't unwilling to learn. They're just lost when it comes to their computers. And they don't particularly mind being ignorant as long as the equipment works right (or appears to). Just as most of us don't feel the need to understand how a car works in order to drive one.
Some of us remember the days when we wistfully wanted computers to become easy enough for ordinary people to use them. Alas, we got our wish.
Re:Thanks for posting... (Score:5, Insightful)
My current RBL has about 6.5 million entries, and is extremely permissive. It is also updated bi-hourly.
I sure wouldn't want my machine to traverse a hosts table of 7 million hosts every time I tried to look up a name in the DNS.
Same for your firewall, 7 million entries will cripple iptables. Hell, 30,000 entries causes visible slowness on a dual-core opteron system.
Of course, you might get better performance out of iptables with the ipsets kernel patch. But that's still a damned big list.
Re:Check out the losers (Score:4, Insightful)
Not everyone does understand basic maintenance. You'd be amazed. Plenty of people wait until the car breaks down before they think to get it serviced.
And they don't like to gain even basic knowledge. In the gas crisis of the late 1970s, my (then-)mother-in-law waited 40 minutes at a gas station before she got to the pump. When she discovered it was self-serve, she drove away, because she didn't know how to use the pump herself. (Yes, obviously all she had to do was ask the person behind her—who'd be motivated to help—but she didn't.)
Also, even when people take the car in for maintenance, it's something they do out of distrust for the practitioners. That's better than not taking it in, of course, but it's inherently a combative relationship: what's the mechanic gonna tell me I need this time?
The thing is, few of us want to be experts in every technology we use. We just want it to work.
None of which excuses ignorance, mind you, but it does explain it.
Re:Oh come on. (Score:3, Insightful)
Re:Oh come on. (Score:3, Insightful)
Re:Oh come on. (Score:2, Insightful)
The best way to combat sockpuppets is to raise awareness of their existence and the parent-child relationship. Sure, sometimes that info is OT when post IS actually informative, or insightful, or whatever... in which case the posts should rightly be modded offtopic. However, I think it's healthy for the slashdot community for these posts to come through and be seen once a month or so.