Slashdot Mirror


Hunting for Botnet Command and Controls

Uky writes "Convinced that the recent upswing in virus and Trojan attacks is directly linked to the creation of botnets for nefarious purposes, a group of high-profile security researchers is fighting back, vigilante-style. The objective of the group, which operates on closed, invite-only mailing lists, is to pinpoint and ultimately disable the C&C (command-and-control) infrastructure that sends instructions to millions of zombie drone machines hijacked by malicious hackers." From the article: "Using data from IP flows passing through routers and reverse-engineering tools to peek under the hood of new Trojans, Thompson said the researchers are able to figure out how the botnet owner sends instructions to the compromised machines."

1 of 228 comments

  1. Re:Violation of My Privacy? by deep44 · Score: 4, Informative
    When the security "experts" are busy looking at all the data passing through routers, who is busy ensuring that the "experts" will not violate my privacy by reading the personal but sensitive e-mail notes that I send to my friends and associates?
    Umm... they're not looking at "all the data passing through routers". Flow data is a sampling of information (source, dest, proto, port, etc.) from a designated collection point. Even without the actual "data" portion of the packet, it's impractical to collect anything more than a small percentage of the total traffic.

    So you can put the gun down; your privacy is safe.
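To make concrete what "flow data" can and cannot tell a researcher, here is an added example (not from the article or any commenter) that works purely on payload-free flow records of the kind the comment describes (timestamp, source, destination, protocol, port) and flags a destination that many internal hosts contact on a regular cadence, which is how a C&C rendezvous point tends to stand out. The flow records, the addresses (documentation ranges) and the thresholds are constructed for illustration and are assumptions, not values from the page.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records in the shape a NetFlow-style collector exports:
# (timestamp_seconds, src, dst, proto, dst_port). No packet payload is present.
FLOWS = [
    # three internal hosts checking in to 203.0.113.5:6667 every 60 s (candidate C&C)
    (0,   "10.0.0.11", "203.0.113.5", "tcp", 6667),
    (60,  "10.0.0.11", "203.0.113.5", "tcp", 6667),
    (120, "10.0.0.11", "203.0.113.5", "tcp", 6667),
    (5,   "10.0.0.12", "203.0.113.5", "tcp", 6667),
    (65,  "10.0.0.12", "203.0.113.5", "tcp", 6667),
    (125, "10.0.0.12", "203.0.113.5", "tcp", 6667),
    (9,   "10.0.0.13", "203.0.113.5", "tcp", 6667),
    (69,  "10.0.0.13", "203.0.113.5", "tcp", 6667),
    (129, "10.0.0.13", "203.0.113.5", "tcp", 6667),
    # ordinary web browsing: several hosts, irregular timing, port 443
    (3,   "10.0.0.11", "198.51.100.7", "tcp", 443),
    (40,  "10.0.0.12", "198.51.100.7", "tcp", 443),
    (41,  "10.0.0.12", "198.51.100.7", "tcp", 443),
    (300, "10.0.0.14", "198.51.100.7", "tcp", 443),
    (301, "10.0.0.14", "198.51.100.9", "tcp", 443),
]


def find_cc_candidates(flows, min_sources=3, min_flows_per_source=3, max_jitter_ratio=0.2):
    """Return (dst, proto, dport) endpoints that at least `min_sources` distinct
    sources contact with a near-constant inter-flow gap (beaconing pattern).
    Thresholds are assumed tuning values, not anything from the page."""
    by_endpoint = defaultdict(lambda: defaultdict(list))  # endpoint -> src -> [timestamps]
    for ts, src, dst, proto, dport in flows:
        by_endpoint[(dst, proto, dport)][src].append(ts)

    candidates = []
    for endpoint, sources in by_endpoint.items():
        periodic_sources = 0
        for ts_list in sources.values():
            ts_list.sort()
            gaps = [later - earlier for earlier, later in zip(ts_list, ts_list[1:])]
            # A source counts as "beaconing" when it has enough flows and the gaps
            # between them vary by no more than max_jitter_ratio of the mean gap.
            if (len(ts_list) >= min_flows_per_source and mean(gaps) > 0
                    and pstdev(gaps) / mean(gaps) <= max_jitter_ratio):
                periodic_sources += 1
        if periodic_sources >= min_sources:
            candidates.append(endpoint)
    return candidates
```

Running `find_cc_candidates(FLOWS)` flags only `("203.0.113.5", "tcp", 6667)`; the port 443 traffic is never flagged because its timing is irregular, and at no point does the analysis need anything beyond the flow metadata.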