
SPAM/BOTNETS and Malware

SPAM/BOTNETS and Malware. Neil Warner, CIO, GoDaddy.com Moderator: Dan Kaplan, deputy editor, SC Magazine. We Put Up Walls. Modern Day Fort. War Against SPAM. How do you Detect SPAM Mails? Key words Heuristics/Abnormal behavior What can you do to defend against it? SPAM Filters


Presentation Transcript


  1. SPAM/BOTNETS and Malware
     Neil Warner, CIO, GoDaddy.com
     Moderator: Dan Kaplan, deputy editor, SC Magazine

  2. We Put Up Walls

  3. Modern Day Fort

  4. War Against SPAM
     • How do you Detect SPAM Mails?
     • Key words
     • Heuristics/Abnormal behavior
     • What can you do to defend against it?
     • SPAM Filters
     • Reputation services to block traffic from those Spamming IP addresses
     • Take down the root cause

  5. SPAM

  6. Bot Army
     • What are Botnets used for?
     • How do we detect them?
     • How can we defend Against it?
     • Botnet lifecycle
     • Bot-herder configures initial bot parameters such as infection vectors, payload, stealth, C&C details
     • Register a DDNS
     • Register a static IP
     • Bot-herder launches or seeds new bot(s)
     • Bots spread
     • Causes an increase of DDoS being sent to the victim
     • Losing bots to rival botnets

  7. Botnets

  8. Camouflaged Attacks
     • Different types of Malware
     • Broad Category
     • Trojans, Rootkits, Backdoors
     • Malware for Fun and Profit
     • Spyware, Key loggers, Dialers, Bots, Proxies, SEO etc.
     • Grayware

  9. Malware

  10. Threat Landscape - Brute Force

  11. Threat Landscape - FTP

  12. Threat Landscape - SSH

  13. Threat Landscape - Conficker

  14. Threat Landscape - Slammer

  15. Threat Landscape - Fake Search Agents

  16. Threat Landscape - e107 bot

  17. How Does Malware Happen

  18. Fake AV
      • 0 Day vulnerability in a web application or Web Server
      • Compromises the web sites
      • Redirects the end user to a malware site or competitor's website.
      • Example: Fake AV Campaign

  19. What Can We Do?
      Network/Application Security tools
      • Firewalls
      • Intrusion Prevention Systems
      • Intrusion Detection Systems
      • Web Application Firewalls
      • Network Access Controls
      • Antivirus
      • Reputation based Access
      • Code Audits

  20. The Most Important Deterrent: Security Professionals

  21. Is The Internet Worth IT?

  22. Thank You | Q&A
      Neil Warner, CIO GoDaddy.com
      nwarner@godaddy.com

  23. References
      • https://zeustracker.abuse.ch/
      • http://www.malwaredomainlist.com/
      • http://www.phishtank.com/
      • http://www.clean-mx.de/
      • http://en.wikipedia.org/wiki/Botnet
      • http://en.wikipedia.org/wiki/Malware
