How To Protect Bots by Maungpauk

(3)
Bot
Bot
?
Bot

Bot

Robot
Bot
Bot Network
() Bot Server Network
Bot Network
Bot Network Phishing (*1) Spam (*2)
DDoS (*3)
Bot
Server
Spam
2)
3) Spam (URL)

4) (*4)

5)
backdoor (*5)

6) (PtoP)
7) Instant messenger (*6)
4)

Microsoft Update
Network

Network Server (Bot IRC
(Internet Relay Chat) (*7) ) (Spam DoS (*3) network
Network Scanning (*8)
Version up Server

1) Spam mails ( Spam (*2) )
2) DoS (
)
3) Network (
)
IP Address
4) Network Scan (
)
Server
5)
Version up Server
6) Spy ( )
1. Bot
(Windows )
Bot
(Antivirus) Bot
(Virus Definition file)

Bot

Update
Microsoft Update
Microsoft Bot
( )
3)
Microsoft Update
Microsoft Update
http://www.update.microsoft.com/microsoftupdate/v6/default.aspx
Microsoft Update Website
Microsoft Update
http://www.microsoft.com/en-us/windows/help/windows-update
Microsoft Update Tool
Tool Bot
Microsoft
Update
Microsoft Download
Tool Tool
Tool
http://www.microsoft.com/security/pc-security/malware-removal.aspx
2) Update

( - )

Bot ( )
3)

Update
Scan
(: Scan
)

Firewall Network

Bot
/ Bot

3)
HOSTS
Windows NT,2000
C:WINNTSYSTEM32DRIVERSETC HOSTS
Windows XP,Vista
C:WINDOWSSYSTEM32DRIVERSETC HOSTS
Notepad (notepad.exe)
Network
URL IP Address

(Localhost)

Microsoft Website URL () Website
(127.0.0.1 )
127.0.0.1
localhost

127.0.0.1
www.microsoft.com
127.0.0.1
www.nai.com
127.0.0.1
trendmicro.com
127.0.0.1
update.symantec.com
127.0.0.1
updates.symantec.com
(#) Comment
Bot
(1)
Spyware (
) (Virus Definition File)
Update
(2)
(3)

(4) Browser Internet Options (Security Options)
High ( Internet Explorer 7 the

Internet Options )
Internet Explorer
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/zone_
ovr.mspx?mfr=true
(5) Spam
Spam
(3)
10
(6) Router () Firewall

Network Router
() Firewall
()
Network
(7)
OS Application Update (Microsoft Update )
Web Bot
Web Bot

(1) Bot Web
(2)
OS Application Update
(3)
Web
IT Security White Paper 200710( )

http://www.ipa.go.jp/security/vuln/20070309_ISwhitepaper.html
2004
http://www.ipa.go.jp/security/vuln/20050331_trend2004.html
Tool
http://www.microsoft.com/japan/security/malwareremove/
Cyber Clean Center (CCC) Ministry of Internal Affairs and Communications Ministry of
Economy, Trade and Industry
https://www.ccc.go.jp/
Scan ( )
Cyber Clean Center Bot

https://www.ccc.go.jp/flow/
Symantec
http://security.symantec.com/sscv6/home.asp
11
Trendmicro Scan
http://www.trendflexsecurity.jp/housecall/
McAfee Scan
http://www.mcafee.com/japan/mcafee/home/freescan.asp

(*1) Phishing
( Credic )
Credic
) Phishing Fishing
(*2) Spam mail

UBE () unsolicited bulk Email

(*3) DoS / DDoS
(DoS )

DoS

DDoS
(Distributed
Denial
of
Service:
)
DoS Website
Website
(*4)
network Application protocols

Operating
Application

Security whole
(*5) Backdoor

Port

(*6) IMinstant messenger
12
Chat

AOL Instant Messaging MSN Messenger
(*7) IRC (Internet Relay Chat)
IRC Server

(*8) Network Scanning
Port Scan Port
Backdoor

Ahnlabo
http://www.ahnlab.co.jp/
Kaspersky Labs Japan
http://www.kaspersky.co.jp/
Symantec
http://www.symantec.com/ja/jp/
Sourcenext
http://www.sourcenext.com/
Trendmicro
http://jp.trendmicro.com/
Microsoft
http://www.microsoft.com/ja/jp/
McAfee
http://www.mcafee.com/japan/
13
Bot
(IPA)

(: NISC 100-0014
2-4-12
poc@nisc.go.jp
14

How To Protect Bots by Maungpauk

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

How To Protect Bots by Maungpauk

Uploaded by

Copyright:

Available Formats

(3)

1) Spam mails ( Spam (*2) )

(4) Browser Internet Options (Security Options)

High ( Internet Explorer 7 the

(6) Router () Firewall

(1) Bot Web

IT Security White Paper 200710( )

Cyber Clean Center Bot

(*2) Spam mail

You might also like