«
»

Anonymized Botnet?



Sans has a story on botnet traffic spotted coming from the TOR network. Now, I had to refresh my memory on what TOR is, but it’s an anonymizing network, essentially a computer running TOR, would collect a list of TOR client machines on the internet and then connections to other pcs are routed through encrypted connections through several different pcs, which masks the origination of the data request. Of course, this doesn’t mean that botnets are actively making use of TOR, it could just be an inadvertant…. “route all my traffic through TOR” computer got a bug….


Of course, now that this has been reported though…. we may well start seeing intentional use of anonymizing services for malware. It certainly looks as though it could muddy the waters in a few areas. Sans is suggesting Enterprise networking setups might consider blocking TOR.

They’ve also updated to say that it appears as though this is NOT a botnet specifically making use of TOR, but a machine that is routing all traffic through TOR that has picked up a bug.

Popularity: 1% [?]

Free PDF    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 6 - Secure your services This one is going to be tougher. Of what we've looked at so far this will probably take more work and learning than any of the others. The good news is, depending on your situation you may need to do less here. IF you have decided that your pc (or......
  • Computer security day.... A few days ago - while musing about the botnet take-down of Blue Security - I said something along the lines of "Make sure your pc’s are clean from “bugs” and help your friends do likewise. Spread the word, we need a “worldwide clean your computer with antivirus and antispyware......
  • Giving the gift of PC security Brian Krebs at the securityfix has a good article for those that are getting a new pc for Christmas (or those that know someone who is.) He has a nice outline of setting up limited privilege user accounts, installing windows updates, using a firewall and using antivirus. This is a......
Blog Traffic Exchange Related Websites
  • Prevention Registry Error Software A registry error is one of the most ordinary reasons of computer irritation as they can stop applications from working correctly and build common constancy problems.The main reasons of a registry error choice from damage done by difficult software like viruses and malware to inappropriate removing of software and even......
  • Security - The Blackhole Of Internet Businesses Nowadays, we can see most of businesses are taking advantage over the World Wide Web (known as the Internet) to market and promote their products and services. It is a must for any businesses to integrate their operations onto the Internet to make sure that they can become the best......
  • Battling Conventional Telecom and Media Providers Yesterday I prevailed in my little struggle with AT&T over saving money on our landline telephone. Since I was unable to fully downgrade our service using online account management, I connected to the site as a potential new customer so I could engage the online, real-time chat person/robot. When she/it......

Similar Posts


This entry was posted on Wednesday, July 12th, 2006 at 8:55 pm and is filed under Computers, Networking, Security. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site