Thursday, January 6, 2011

Botnet Attack

A botnet is a collection of software agents, or robots, that run autonomously and automatically. The term is most commonly associated with IRC bots and more recently malicious software, but it can also refer to a network of computers using distributed computing software.
The main drivers for botnets are recognition and financial gain. The larger the botnet, the more ‘kudos’ the herder can claim among the underground community. The bot herder will also ‘rent’ the services of the botnet out to third parties, usually for sending out spam messages or for performing a denial of service attack against a remote target. Due to the large number of compromised machines within the botnet, huge volumes of traffic (either email or denial of service) can be generated. However, in recent times the volume of spam originating from a single compromised host has dropped: a larger number of compromised hosts each send a smaller number of messages in order to evade detection by anti-spam techniques.
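The detection gap described above, shown from the mail filter's side. This is an added example, not part of the original post: a per-sender volume limit misses hosts that each send a few messages, while grouping by a normalised message template exposes the campaign. The thresholds, addresses and message text are constructed assumptions.

```python
import hashlib
import re
from collections import Counter, defaultdict

PER_HOST_LIMIT = 100  # assumed per-sender message limit for one time window
MIN_HOSTS = 20        # assumed: distinct senders sharing one template
MIN_TOTAL = 150       # assumed: total messages carrying that template

def fingerprint(body):
    """Collapse URLs, digits and spacing so per-recipient variations match."""
    text = re.sub(r"https?://\S+", "<url>", body.lower())
    text = re.sub(r"\d+", "<n>", text)
    text = re.sub(r"\s+", " ", text).strip()
    return hashlib.sha256(text.encode()).hexdigest()[:12]

def noisy_hosts(events):
    """Classic check: senders whose own volume exceeds the limit."""
    counts = Counter(src for src, _ in events)
    return {host for host, n in counts.items() if n > PER_HOST_LIMIT}

def distributed_campaigns(events):
    """Aggregate check: one template spread thinly over many senders."""
    senders = defaultdict(Counter)
    for src, body in events:
        senders[fingerprint(body)][src] += 1
    flagged = {}
    for fp, per_host in senders.items():
        total = sum(per_host.values())
        if len(per_host) >= MIN_HOSTS and total >= MIN_TOTAL:
            flagged[fp] = {"hosts": len(per_host), "total": total,
                           "max_per_host": max(per_host.values())}
    return flagged

def sample_events():
    """Constructed (source, body) pairs for one window; not real traffic."""
    events = []
    for h in range(40):            # 40 hosts, 5 near-identical messages each
        for m in range(5):
            events.append((f"198.51.100.{h}", f"Cheap pills order #{h * 5 + m} http://example.test/{m}"))
    for m in range(150):           # one high-volume sender
        events.append(("192.0.2.10", f"Weekly newsletter issue {m}"))
    for h in range(30):            # unrelated single messages
        events.append((f"203.0.113.{h}", f"Hello from user-{chr(97 + h % 26)}{'x' * h}"))
    return events

if __name__ == "__main__":
    ev = sample_events()
    print("per-host limit flags:", noisy_hosts(ev))
    print("template grouping flags:", distributed_campaigns(ev))
```

On the constructed data, the per-host limit flags only the single high-volume sender, while the template grouping reports the 40-host campaign in which no host sent more than 5 messages.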
Typical botnet topologies are:
  • Star
  • Multi-server
  • Hierarchical
  • Random
To thwart detection, some botnets were scaling back in size. As of 2006, the average size of a network was estimated at 20,000 computers, although larger networks continued to operate.
