Botnet vs. Botnet: Can A Good Botnet Block A Bad One?

from the battle-of-the-botnets dept

Last year we wrote about how rival online scammer gangs had their botnets fighting each other by disabling trojans of competing botnets on their computers -- but it appears that some researchers have a different idea for creating a "good" botnet to fight the "bad" botnets being used for denial of service attacks (found via Slashdot). This is quite different than some older proposals to create "good worms" that go about automatically patching infected machines (which are wide open to abuse). Instead, the idea is rather creative. It involves setting up a distributed system of computers that effectively act as a way station for connect requests -- which then wait for the actual server to request the inbound requests. This prevents the server from being overloaded (though, I would imagine it could slow down access somewhat). Either way, it's nice to see efforts under way to stop such zombie botnets. Hopefully someone isn't sitting on a patent for such an idea and waiting to sue, like we've seen with other security measures.

Filed Under: botnets, denial of service, zombies

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Dean Landolt, 23 Apr 2008 @ 7:39pm

    RE: Stupid, stupid idea


    One: Even if it's working you are adding a lot of network traffic for something working?

    And no, you're not really adding much network traffic -- and even so any additional traffic would just be O(1). You're simply distributing proxies to handle incoming requests -- it's technically not all that crazy sounding features that Just Work every day.

    Two: this gripe has a bit more legitimacy complaint, but it applies equally to building and networking any equipment equally.

    The bottom line is DDoS attacks are one of the few remaining achilles heels of web architecture. Technical solutions like the one proffered are not only possible, they damn well may be necessary should Russia light up its bot net again like it suspected to have done against Estonia.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.