assignment 02 botnet
The spreading mechanisms used by bots are a leading cause of "background noise" on the Internet, especially on TCP ports 445 and _____.
135
What port number has a MySQL UDF weakness?
3306
Types of DDoS flood attacks.
Connection flood, SYN flood, ICMP flood
Flooding a website with more HTTP requests than can be handled from many different controlled sites is called
DDoS
Most botnets run on _____.
IRC
The _____ botnet is currently used as a clickbot, generating ad revenue for the botmaster through constant ad-specific activity.
Tr/dldr.agent.jkh
Formerly used for spamming, this botnet has shifted to downloading other malware, with its main focus on fake alerts and rogue antivirus software.
Trojan.fakeavalert
Kinds of attacks that can be launched from a botnet.
all of them
Ways in which a hacker can spread his bot code.
all of them
The controller of a botnet is called the _____.
bot herder
Aka Downadup.
conficker
The Honeynet Project IRC client is called _____.
drone
Related to Foonet which was used a DDoS.
echouafni
Recursive HTTP-flood is also known as spoofing.
false
Three different IRC server software implementations are commonly used to run a botnet.
false
This crimeware focuses on stealing online game logins, passwords and account information.
gammima
The action of obtaining a bot army is called _____.
harvesting
A method used to observe botnets.
honeynets
_____ is a form of real-time communication over the Internet and the way botnets communicate.
internet relay chat
A bot herder can use a ____ to record all activity on an infected computer.
keylogger
The botnet used to maximize pay-per-click revenue.
koobface
Port 135/TCP is used by _____ to implement Remote Procedure Call (RPC) services
microsoft
_____ is a malware and attack trace collection daemon, uniting the best of honeytrap and nepenthes
mwcollectd
To learn about a victim's machine the bot herder uses the _____ command.
netinfo
A lot of herders run Windows mIRC with a tool called _____.
nonamescript
What is the name of the .exe file created in the first video on botnets?
r
A command that allows a bot herder to remotely log in to a server in the network as if they were at a terminal directly connected to that computer.
rlogin
What is the name of the bot herder in the WatchGuard videos?
spike
A variant of the Lop malware.
swizzor
On average, the expected lifespan of the honeypot is less than _____.
ten minutes
Bot herders protect their botnets by making sure they only obey commands that start with a particular prefix.
true
Bot source code always includes a configuration file.
true
Bots can also use a packet sniffer to watch for interesting clear-text data passing by a compromised machine.
true
DDoS attacks are not limited to web servers, virtually any service available on the Internet can be the target of such an attack.
true
Some successful botnet attackers have even sold some of the stolen software items on eBay.
true
_____ is cross-platform and can thus be used to easily link machines running Windows and Linux.
unreal ircd
The name of the botnet that Microsoft successfully attacked.
waledac
This botnet uses key-logging techniques to steal data, including by inserting fake HTML forms into online banking login pages to steal user data.
zeus
Another name for the collection of hijacked computers that are a part of a botnet.
zombies