Have you ever heard these two terms “Botnet & Honeypot”! These are related with your computer network. Let’s have some discussion about these terms and find out what they are and how one can infect the computer network and other can protect the system from malware attacks. Botnet: Most of the home computer users are unaware of the Botnet and its consequences. Botnets are the large networks of computers which have been infected with viruses by hackers or attackers. Due to this, all the computers grouped together in a network and allow hacker to use these computers to sent fake or junk mails, or to spread viruses to generate bigger botnetworks as well as can carry out a Daniel Of Service Attack on a website or server that can cause crash issue. A computer affected by botnet attack performs automated tasks over the internet without your knowledge. One of the bad things is that, it is tough to track the guys who have created them in first place. Attackers can use this kind of malware either to trash your data or want some ransom. They can crash your entire web server until you pay the ransom. Botnets network can range from 50 machines to thousands of computers. For huge damage, there is no need of huge hacker networks as a botnet of 400-500 computers is enough to affect a corporate website with a DOS attack.
So how we can protect our computer network or server from botnets? Answer of this is “Honeypot”.
Honeypot: It is a system which is used to detect, deflect and control attempts at unauthorized use of information systems. Honeypot includes a computer, data and network site which seems like a part of network but in fact it is isolated and monitored to gather the information and resource of value to attackers. Honeypot is used to create potential loopholes for attackers that help to identify such devices and avoid getting caught. Two or more honeypots on a network create a honeynet which is used to monitor a large diverse network that is tough to handle by single honeypot. Both honeypot and honeynet are generally implemented by larger network intrusion detection systems.
Honeypot Types: 1. Malware Honeypot 2. Spam Version 3. Email Trap 4. Database Honeypot
In order to track botnets, honeypot is used. How it can track botnet? - A bundle of unpatched computers are connected to the net and then it is analyzed and monitored that how hacker goes about compromising these systems and build their bot networks. By collecting such information, it can be used to create better security tools to protect against botnets.