Dear All,
It is to inform all the campus network users that we are getting a lot of warning mails
from our ISP NKN about BOTNET INFECTED IPs from our network.
A brief note about "botnet" and "countermeasures" for it is given below to secure your systems.
A botnet is a network of compromised machines called "bots" that can be remotely controlled by an attacker.
These machines can be used by attackers to launch DDoS attacks, sending Spam messages, infecting other machines or
to engage in various other kinds of malicious activities.
Popular media for controlling botnets are IRC channel, P2P network and HTTP.
When the malware runs, it turns the infected system into a bot connecting to
an C&C server (A command and control server). Bot infected systems are
connecting to the C&C Servers on specific ports and listen for commands from remote attacker.
In view of the high damage potential of Botnet infected machines,
CNF advise all the campus network users to disinfect your systems and
take appropriate countermeasures suggested below to prevent such incidents in future.
Countermeasures:
1. Install and maintain updated anti-virus and anti-spyware software at desktop level.
2. Scan computer system with updated anti-virus for possible infections and disinfect the same.
3. Install and maintain personal desktop firewall.
4. Use only genuine software.
5. Keep up-to-date patches and fixes on the operating system and application software.
6. Exercise caution while opening email attachments.
7. Do not browse un-trusted websites or follow un-trusted links and excercise caution while click on the link provided in any unsolicited emails.
--
With Regards,
CNF Team.
No comments:
Post a Comment