Tuesday, January 10, 2012

What is a Bot ? - Security Term

A bot is a compromised computer which is running software that allows a remote computer to control it. The software is usually installed by someone breaking into the computer, but can also be installed by a user who thinks he is installing a game or other software which he may have downloaded from a website or received via Instant Messenger (IM). Just like worms, bots can duplicate inside computer networks and can cause 'traffic jams' in those networks. Unlike worms that exploit existing vulnerabilities, bots create their own by opening up backdoors, which are holes in your security, in order to control your computer so that the hacker can steal your information, spy on you, relay spam email using your IP address, and launch those same attacks on other computers in the network.

It is often difficult to detect a bot infected computer without looking at the network traffic it is generating. There are many different kinds of bot software (and most bots can update themselves automatically), new versions are always being created, and the bot software itself can take steps to avoid being detected, so frequently the bot software cannot be detected when a computer is scanned for viruses and spyware.

Unless you can determine specifically what you need to do to clean up the system (either because you found a disinfection program that does a good job and detects the bot software or because you've managed to find all the services, files and registry keys that have been changed or installed), your only course of action to secure your system is to rebuild it from scratch.

source: freetechexams

No comments:

Post a Comment

Once you submit the comment, please wait for its approval. Sooner or later your comment will show up so do not comment twice.