Peer to Peer Malware

From P2P Foundation

For a description, read: http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1286808,00.html

The author describes the danger posed by malware such as Storm and Nugache, which use P2P principles, and the economy behind it.


Example

The distributed/resilient command and control of Storm:

"Rather than having all hosts communicate to a central server or set of servers, Storm uses a peer-to-peer network for C2. This makes the Storm botnet much harder to disable. The most common way to disable a botnet is to shut down the centralized control point. Storm doesn't have a centralized control point, and thus can't be shut down that way. This technique has other advantages, too. Companies that monitor net activity can detect traffic anomalies with a centralized C2 point, but distributed C2 doesn't show up as a spike. Communications are much harder to detect." (http://globalguerrillas.typepad.com/globalguerrillas/2007/10/malware-warfare.html)
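The monitoring point in the quote can be made concrete with flow records. The following is an added example, not code from this page or from the quoted author: it shows why a per-destination "spike" check catches centralized C2 but sees nothing for P2P C2, while a per-source fan-out check still flags the hosts. The flow field names, the thresholds and all addresses are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict

def _distinct(flows, key, value):
    """Map each flow[key] to the set of distinct flow[value] seen with it."""
    seen = defaultdict(set)
    for f in flows:
        seen[f[key]].add(f[value])
    return seen

def central_spikes(flows, min_sources=5):
    """Destinations contacted by many distinct sources (the 'spike' view)."""
    by_dst = _distinct(flows, "dst", "src")
    return sorted(d for d, srcs in by_dst.items() if len(srcs) >= min_sources)

def fanout_suspects(flows, min_peers=5):
    """Sources that contact many distinct destinations (the per-host view)."""
    by_src = _distinct(flows, "src", "dst")
    return sorted(s for s, dsts in by_src.items() if len(dsts) >= min_peers)

# Constructed sample data: six internal hosts, documentation address ranges.
BOTS = [f"10.0.0.{i}" for i in range(1, 7)]

def centralized_flows():
    """Centralized C2: every host polls the same controller."""
    return [{"src": b, "dst": "203.0.113.10"} for b in BOTS]

def p2p_flows():
    """P2P C2: each host talks to six peers; any one peer is shared by two hosts."""
    flows = []
    for i, b in enumerate(BOTS):
        for j in range(6):
            peer = (i * 3 + j) % 18 + 1
            flows.append({"src": b, "dst": f"198.51.100.{peer}"})
    return flows

if __name__ == "__main__":
    for name, flows in (("centralized", centralized_flows()), ("p2p", p2p_flows())):
        print(name, "spikes:", central_spikes(flows),
              "fan-out:", fanout_suspects(flows))
```

Fan-out alone also matches legitimate P2P software, so in practice it is a triage signal to combine with other context rather than a verdict.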


More Information

John Robb at http://globalguerrillas.typepad.com/globalguerrillas/2007/10/malware-warfare.html