1.1 Bots and Botnets
How to prevent communication from a C&C?
Block it at the firewall; identify it at the workstation with a host-based firewall or host-based IPS
C&C
Command and control; an attacker-controlled computer that sends commands to systems compromised by malware and receives stolen data from a target network.
Common purposes for botnets?
DDoS attacks; renting out botnets to criminals
How to prevent botnet infections?
Keep your operating system and applications patched; keep anti-virus and anti-malware signatures updated
How do botnets get in?
Trojan horse or vulnerability in operating system or application
How to identify a botnet infection?
Use a scanner or network monitor