Of course the desires and objectives of each given party are different and thus configurations based on acquired data would be user specific. Research in this realm could also make for more predictable server stability in the long run by providing data for optimized server updating schedules. If a trend emerges in the data gathered that can accurately predict what type of bot is most likely going to connect to which one of your ports and with what command, a much tighter filter can be placed allowing for administrators to better capture the Botnet types they desire to study. Research in this realm should be very conducive towards better arming It personnel in that more effective IDS and IPS systems can be implemented if network admins are more knowledgeable about the evolution, and progressive algorithm enhancement of various bots categorized by attack type, cloning strategy, host IP ranges, lifespan, and update cycle. Having looked at the current research and the various advances and deficits, I am greatly considering looking into the updating behavior and cycles of various Botnets. I think that given the time frame and desire to produce admirable results (having to complete a background check I can not yet deploy a Honeynet on University property, this should be accomplished by the middle of next week). A good look into the basic configurations and commands for three common Bots.
0 Comments
Leave a Reply. |