ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Botnets use Windows for wicked work

Dan Ilet ZDNet.co.uk

Published: 16 Mar 2005 17:15 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Despite Microsoft's renewed focus on security, latest research shows that computers running Microsoft Windows XP and 2000 form the bulk of networks of compromised computers, commonly called botnets.

The study carried out by the German Honeynet Project found more than 80 percent of Web traffic from botnets used four ports designated for resource sharing by various versions of Windows. The research also found that the vulnerabilities behind some of the exploits used to take over a PC can be found by searching for information on Microsoft's security bulletins.

The report stated: "Clearly most of the activity on the ports... is caused by systems with Windows XP (often running Service Pack 1), followed by systems with Windows 2000. Far behind, systems running Windows 2003 or Windows 95/98 follow."

Microsoft responded with an emailed press statement that said: "Creating malicious IT and data threats is a criminal offence that affects everybody. This type of criminal activity is usually driven by financial motive, and criminals often target the Microsoft platform and its applications because of its large installed base. This is however a serious cross-industry issue where no organisation is immune from the threat. Security is a top priority for Microsoft and it is committed to engineering platforms that are more secure and trusted "

The most exploited Windows ports found in the research were: port 445/TCP (used for file sharing); port 139/TCP (used to connect to file shares); port 137/UDP (used to find information on other computers); and 135/TCP (used to execute code remotely).

Botnets are commonly used for denial-of-service (DoS) attacks, where a target computer is overloaded with data and falls over. They are also used for spamming, spreading malware, manipulating online polls and mass identity theft.

From the beginning of November 2004 until the end of January 2005, researchers saw 226 DoS-attacks against 99 unique targets. They looked at 100 botnets in the four-month period and saw 226,585 unique IP addresses involved with at least one of the botnets monitored.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
86 out of 175 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:



Related Jobs

Arabic Technical Support Engineer (Messaging applications, Domino, Exchange)

French RMC Engineer (Linux)

Systems Administrator

Sentry Posts Blog

Toshiba touts Quantum Key Distribution

Toshiba research scientists have developed a method of distributing quantum keys more efficiently, the company has claimed in a statement: "[Quantum Key Distribution -- ] QKD --... More

Post a comment

Virtual Teams: Small Business Innovati...

Virtual Teams: Small Business Innovation Author: Eric Everson, Founder – MyMobiSafe.com As the founder of MyMobiSafe.com, I’ve found that because of our presence in the industry... More

Post a comment

Mobile Security and Innovation: An Ope...

Mobile Security and Innovation: An Open Case Author: Eric Everson, Founder MyMobiSafe.com The times are changing in the mobile industry as “big wireless” in the US Markets are calling... More

Post a comment

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers