Saturday, February 9, 2019

Netiquette IQ Blog For 2/9/2019 command-and-control server (C&C server)



+++++++++++++++++++++++++++++++++++++



February is Black History Month And Pantone Color Month(Coral in 2019)








Buy the books at

 www.amazon.com/author/paulbabicki
====================================================















command-and-control server (C&C server)
from whatis.com
A command-and-control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware. C&C servers can be used to create powerful networks of infected devices capable of carrying out distributed denial-of-service (DDoS) attacks, stealing data, deleting data or encrypting data in order to carry out an extortion scheme. In the past, a C&C server was often under an attacker's physical control and could remain active for several years. Today, C&C servers generally have a short shelf life; they often reside in legitimate cloud services and use automated domain generation algorithms (DGAs) to make it more difficult for law enforcement and white hat malware hunters to locate them.
A malicious network under a C&C server's control is called a botnet and the network nodes that belong to the botnet are sometimes referred to as zombies. In a traditional botnet, the bots are infected with a Trojan horse and use Internet Relay Chat (IRC) to communicate with a central C&C server. These botnets were often used to distribute spam or malware and gather misappropriated information, such as credit card numbers.
Popular botnet topologies include:
  • Star topology - the bots are organized around a central server.
  • Multi-server topology - there are multiple C&C servers for redundancy.
  • Hierarchical topology - multiple C&C servers are organized into tiered groups.
  • Random topology - co-opted computers communicate as a peer-to-peer botnet (P2P botnet).
Since IRC communication was typically used to command botnets, it is often guarded against. This has motivated the drive for more covert ways for C&C servers to issue commands. Alternative channels used for botnet command include JPG images, Microsoft Word files and posts from LinkedIn or Twitter dummy accounts. 
                                        




                                                                        

No comments:

Post a Comment