Re: [flalug] One quarter of all computers part of a botnet

From: Chad Perrin (perrin@apotheon.com)
Date: Wed Jan 31 2007 - 13:58:13 EST


On Wed, Jan 31, 2007 at 09:30:11AM -0700, John Pugh wrote:
> >>> On Wed, Jan 31, 2007 at 10:28 AM, in message
> <45C0B586.8050702@perennialwisdom.com>, Khepri <khepri@perennialwisdom.com>
> wrote:
> > Chad Perrin wrote
> >> On Sun, Jan 28, 2007 at 01:35:59PM -0500, Khepri wrote:
> >>
> >>>tom smith wrote:
> >>>
> >>>>Interesting article about Vinton Cerf's finding.
> >>>>Smitty
> >>>>http://arstechnica.com/news.ars/post/20070125-8707.html
> >>>
> >>>That's intimidating.
> >>
> >>
> >> It's also a rather effective indicator of the continuing domination of
> >> the desktop computer operating system market by Microsoft.
> >
> > Good point. Am I correct in understanding that all these botnets are MS
> > product based?
> >
> > Chris C.
> >
> > p.s...I was ill for the last 9 months or so and am just now trying to
> > catch up on "things"...one of those being revisiting this list...;)
>
> Glad you are back!
>
> I would not make the broad assumption that it's all Windows. Certainly anything using Outlook is extremely high risk. There are many root-kitted Unix/Linux machines out there as well and many other compromised machines that don't fit either category.
>

I guess that depends on your definition of "many". At a guess, if the
25% number is accurate, I'd say that somewhere in the neighborhood of a
third of all Windows machines are compromised, and that a percentage
somewhat smaller than twenty-five of non-Windows boxen share that fate.

> The point is that a TON of resources are unknowingly wasted on illicit activity. If the unknown compromised computers were known, it could be reduced substantially and eventually "prevented". However, short of not using Outlook or blocking all inbound/outbound comms, there is no easy way to combat or eliminate this issue.
>

In particular, Outlook and/or Outlook Express can probably be blamed for
most of this, as you seem to suggest. Botnets are far more likely to be
used for sending spam email than any other purpose, in my estimation,
and almost all malware designed to perpetuate spam botnets targets
Outlook or Outlook Express.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
"The measure on a man's real character is what he would do
if he knew he would never be found out." - Thomas McCauley


