To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- On Thu, 14 Sep 2006, Botnet Hunter wrote: > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > On 9/14/06, Gadi Evron <[EMAIL PROTECTED]> wrote: > > > AVG is 15K, I can prove *on my own* 12K... counting banking/phishing > > trojan horses, general purpose trojans, dialers, etc (from the large bot > > families). > > So... by both your and Jose's definitions Banker.Delf is a bot? A > dialer is a bot? A downloader is a bot? An Explorer Hijack is a bot?
I treat the banker family (and similar) as bots. Absolutely. > A phishing email is a bot? If the email has a certain attachment with it, that I will call a banker trojan, than yes. If it spreads as such (or more importantly, through such) and reports to a centralized location, than yes, it is a bot. A bot is a trojan horse, often with spreading capabilities and a centralized reporting/control mechanism. > I'm sorry, but while I believe botnets (particularly those controlled > via HTTP(S) which follow protocol standards) are a serious problem - > your numbers don't ring true to the fairly large set of samples I see > under my definition of a bot. They don't seem to be ringing true with What is your definition of a bot? > some of other people either. In fact, to me, they sound a lot like > hype. The numbers I mentioned are about the known bot familities, such as agobot, rbot, etc. The fact I call a banker a bot is unrelated to these numbers but should add about a thousand. Not much more. If you include other phishing trojans with central control/reporting mechanisms that I do count, quite a bit more. What do you think bots are used for? Multi-purpose bots are not the only trojan horse I will refer to as a bot. That said, I will not treat a self-replicating virus as a bot. :) I understand the confusion, but there is nothing to be confused about. These numbers are accepted and known. Your disbelief is out of your lack of willingness to accept such numbers, as you stated. > 2,000-3,000 a month of true connection oriented and non-connection > oriented bots (IRC vs. HTTP & custom protocol) which are capable of Connection oriented? > receiving and acting on multiple commands are what I'm seeing. This Ahh, multi-purpose bots. > would include the "classic" bot/zombie, the http and custom protocol > bot/zombie and some RATs. Hmm, p2p? Gossip-algorithms based? WEB services based? No connection at all but rather act as a dropper? The dropped result? Specific-purpose trojans? Phishing trojans? (bots) > So saying you have a 12" penis may in fact be true and yes... it might > even make me feel a little insecure about my smaller manhood. But not > if your talking about a piece of plastic. I suggest you see a doctor about that, they have operations to help with insecurity these days. But seriously, these numbers are what they are, I wish they were invented, but they are not. Please, let me elaborate further on whatever you like. Please grill me here and now about them. Ask me the questions you want to ask. > _______________________________________________ > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > All list and server information are public and available to law enforcement > upon request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
