The Passing Storm: The Storm/Nuwar Botnet

Free registration required

Executive Summary

While security software can mitigate the direct impact of Nuwar and other bot-related malware on individual systems, the wider effects of botnet activity need additional countermeasures. DDoS attacks, for instance, may be somewhat mitigated by firewall, switch and router configuration. Local monitoring and blocking of SMTP traffic from systems other than authorized mail servers can reduce the impact of spam, fraudulent and malicious email spread over open relays and open proxies, while locked down desktops with minimum user privilege make it harder for all malware to execute and self-install. Signature-based solutions such as "Conventional" Anti-Virus (AV) and Snort signatures are largely reactive, but remain effective in many cases, especially where supplemented with proactive solutions such as ESET's advanced heuristics.

  • Format: PDF
  • Size: 2394.84 KB