Reaching Others University at Buffalo - The State University of New York
Skip to Content

Botnet

Botnets attempt connectivity to a known or reported botnet or botnet controller. They also have been rejected or banned consecutive times from a legitimate IRC network.

Hosts suspected of botnet activity should be considered compromised and checked for signs of infection or data theft. The malware associated with these types of incidents are usually not found by most A/V products and are ever evolving. Most botnet incidents are vetted by a security analyst prior to being flagged as incidents as to avoid potential false positives. Most botnet incidents are a 1-1 type if incident where they exhibit a very specific behavior that is difficult to spoof. Other inputs include flags from outside, vetted and credible sources of the activity.

Did This Page Answer Your Question?

(Required)
 
Email, UBITName or phone number
(Required)
Enter the letters or numbers you see below in the space provided. Click "Get a new challenge" if they are not readable.