Slashdot Mirror


Two Worm "Families" Make Up Most Botnets

JMoon writes "HNS has an article about the Sdbot and Gaobot families which are responsible for most botnets worldwide. These two families were responsible for 80 percent of detections related to bots during the first quarter of 2007. Other culprits, although on a much lesser scale, included Oscarbot, IRCbot or RXbot."

1 of 176 comments (clear)

  1. Re:Non Windows Bots by Anon-Admin · · Score: 5, Interesting

    I don't think those are bots.

    I noticed my servers SSH port being hit a few years ago. I moved it to another port, locked the port down, then set up an SSH honey pot on the standard port. The honey pot attempts to ID people from programs using a verity of methods such as space between key strokes and use of the backspace or delete key.

    I found that once the attacking software appeared to have access to the server, A person would login and check it out. Most of them attempted to use wget to dump a root kit onto the server. I have grabbed copies of the software they attempt to down load and checked it out.

    It normally consists of a root kit, network scanner, packet sniffer, and the scanning software to scan and hack SSH.

    I think these are wannabe hacker kids trying to get in.