Dear All,
      
It is to inform all the campus network users that we are getting        a lot of warning mails 
        from our ISP NKN about BOTNET INFECTED IPs from our network. 
      
A brief note about "botnet" and "countermeasures" for it is given        below to secure your systems. 
        
        A botnet is a network of compromised machines called        "bots" that can be remotely controlled by an attacker. 
      
These machines can be used by attackers to launch DDoS attacks,        sending Spam messages, infecting other machines or 
        to engage in various other kinds of malicious activities. 
      
Popular media for controlling botnets are IRC channel, P2P        network and HTTP. 
        When the malware runs, it turns the infected system into a bot        connecting to 
        an C&C server (A command and control server).        Bot        infected systems are 
        connecting to the C&C Servers on specific ports and listen for        commands from remote attacker. 
      
In view of the high damage potential of Botnet infected machines,        
        CNF advise all the campus network users to disinfect your systems        and 
        take appropriate countermeasures suggested below to prevent such        incidents in future.
        
        Countermeasures: 
        1. Install and maintain updated anti-virus and anti-spyware        software at desktop level.
        2. Scan computer system with updated anti-virus for possible        infections and disinfect the same.
        3. Install and maintain personal desktop firewall.
        4. Use only genuine software.
        5. Keep up-to-date patches and fixes on the operating system and        application software.
        6. Exercise caution while opening email attachments.
        7. Do not browse un-trusted websites or follow un-trusted links        and excercise caution while click on the link provided in any        unsolicited emails.
      
--
      
With Regards,
CNF Team.
      
      
      
No comments:
Post a Comment