Professional Documents
Culture Documents
Bot
Bot
?
Bot
Bot
Robot
Bot
Bot Network
() Bot Server Network
Bot Network
Bot Network Phishing (*1) Spam (*2)
DDoS (*3)
Bot
Server
Spam
2)
3) Spam (URL)
4) (*4)
5)
backdoor (*5)
6) (PtoP)
7) Instant messenger (*6)
4)
Microsoft Update
Network
Network Server (Bot IRC
(Internet Relay Chat) (*7) ) (Spam DoS (*3) network
Network Scanning (*8)
Version up Server
2) DoS (
)
3) Network (
)
IP Address
4) Network Scan (
)
Server
5)
Version up Server
6) Spy ( )
1. Bot
(Windows )
Bot
(Antivirus) Bot
(Virus Definition file)
Bot
Update
Microsoft Update
Microsoft Bot
( )
3)
Microsoft Update
Microsoft Update
http://www.update.microsoft.com/microsoftupdate/v6/default.aspx
Microsoft Update Website
Microsoft Update
http://www.microsoft.com/en-us/windows/help/windows-update
Microsoft Update Tool
Tool Bot
Microsoft
Update
Microsoft Download
Tool Tool
Tool
http://www.microsoft.com/security/pc-security/malware-removal.aspx
2) Update
( - )
Bot ( )
3)
Update
Scan
(: Scan
)
Firewall Network
Bot
/ Bot
3)
HOSTS
Windows NT,2000
C:WINNTSYSTEM32DRIVERSETC HOSTS
Windows XP,Vista
C:WINDOWSSYSTEM32DRIVERSETC HOSTS
Notepad (notepad.exe)
Network
URL IP Address
(Localhost)
Microsoft Website URL () Website
(127.0.0.1 )
127.0.0.1
localhost
127.0.0.1
www.microsoft.com
127.0.0.1
www.nai.com
127.0.0.1
trendmicro.com
127.0.0.1
update.symantec.com
127.0.0.1
updates.symantec.com
(#) Comment
Bot
(1)
Spyware (
) (Virus Definition File)
Update
(2)
(3)
Internet Explorer
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/zone_
ovr.mspx?mfr=true
(5) Spam
Spam
(3)
10
()
Network
(7)
OS Application Update (Microsoft Update )
Web Bot
Web Bot
(2)
OS Application Update
(3)
Web
Scan ( )
Symantec
http://security.symantec.com/sscv6/home.asp
11
Trendmicro Scan
http://www.trendflexsecurity.jp/housecall/
McAfee Scan
http://www.mcafee.com/japan/mcafee/home/freescan.asp
(*1) Phishing
( Credic )
Credic
) Phishing Fishing
DDoS
(Distributed
Denial
of
Service:
)
DoS Website
Website
(*4)
network Application protocols
Operating
Application
Security whole
(*5) Backdoor
Port
(*6) IMinstant messenger
12
Chat
AOL Instant Messaging MSN Messenger
(*7) IRC (Internet Relay Chat)
IRC Server
(*8) Network Scanning
Port Scan Port
Backdoor
Ahnlabo
http://www.ahnlab.co.jp/
Kaspersky Labs Japan
http://www.kaspersky.co.jp/
Symantec
http://www.symantec.com/ja/jp/
Sourcenext
http://www.sourcenext.com/
Trendmicro
http://jp.trendmicro.com/
Microsoft
http://www.microsoft.com/ja/jp/
McAfee
http://www.mcafee.com/japan/
13
Bot
(IPA)
(: NISC 100-0014
2-4-12
poc@nisc.go.jp
14