Is it possible to detect a botnet? If yes, then how?
I have a question which many of you will have understood by reading the title. I want some way to detect botnets. I have gone through the Wikipedia article on the virus, but it is a bit complex to understand. I think some of my systems are infected by a botnet. I have antivirus software installed on my computer and it has given me a warning recently. Full HD does not detect any deep infections. I use the system to make some banking transactions and think that this botnet can spy on my password.
Re: Is it possible to detect a botnet? If yes, then how?
There are a number of antimalware and rootkit detectors that can help you out. A number of antivirus programs come with rootkit detection and they are capable of finding and removing them. Instead of locating a botnet detector, use powerful antimalware software that can find and remove them on their own. There are tons of cleanup tools that can help you to deal with this infection. I am using the latest edition of Norton Internet Security, which I found more helpful, and it worked fine. It keeps the system secure and does not allow any internal threat to track your confidential information.
Re: Is it possible to detect a botnet? If yes, then how?
Check the processes that are running in the background. You can locate suspicious things through that. There are tools like Process Explorer, HijackThis, etc. which can give you detailed information on the number of services running in your system. You can then find the associated information on the same and then use it to block threats. Also, if possible, try to monitor your network traffic. Botnets mostly try to connect with distant systems, sniffing your data. Viruses attack the Windows registry primarily so that they can modify system access and work quietly in the background. Soon you will find your system flooded with lots of viruses.
Re: How do you detect a botnet? Impossible, right?
It is possible through a port scan. You can monitor the network activity by locating the reason for unauthorized traffic. Basically, when a virus enters your system, it tries to communicate with other infected computers and tries to spread. They use open ports or simply modify the system settings. You can use port scanner software to locate which app is associated with which port. You can in that way find that your system is not acting as a bot. To detect that, run any good port scanner and then launch your web browser or mail client. Surf the web for about 10 to 15 mins. Check in the port scanner what you can find. Is there any unknown traffic source detected?
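The check described in the post above, as an added example that is not part of the original thread: it joins Windows `netstat -ano` output with `tasklist /fo csv /nh` output to list established connections owned by programs other than the ones started for the browsing test. The sample outputs are constructed, and the `EXPECTED` set and function names are assumptions.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (documentation addresses, not a real capture).
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    192.168.1.20:49712     198.51.100.10:443      ESTABLISHED     4120
  TCP    192.168.1.20:49713     198.51.100.25:993      ESTABLISHED     5232
  TCP    192.168.1.20:49720     203.0.113.77:6667      ESTABLISHED     6604
  TCP    127.0.0.1:49730        127.0.0.1:49731        ESTABLISHED     4120
  TCP    192.168.1.20:49741     203.0.113.80:8080      ESTABLISHED     7010
  UDP    0.0.0.0:5353           *:*                                    1500
"""
# Constructed sample of `tasklist /fo csv /nh` output; PID 7010 has already exited.
TASKLIST = '''\
"svchost.exe","912","Services","0","9,000 K"
"chrome.exe","4120","Console","1","150,000 K"
"OUTLOOK.EXE","5232","Console","1","90,000 K"
"svch0st.exe","6604","Console","1","4,000 K"
'''
# Assumption: the only programs deliberately started for the browsing test.
EXPECTED = {"chrome.exe", "outlook.exe"}
LOOPBACK = {"127.0.0.1", "::1"}

def pid_names(tasklist_csv):
    """Map PID -> lower-cased image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {r[1]: r[0].lower() for r in rows if len(r) >= 2}

def unexpected_connections(netstat_text, tasklist_csv, expected=EXPECTED):
    """Return (process, pid, remote_host, remote_port) for established TCP
    connections to a remote host whose owning process is not expected."""
    names = pid_names(tasklist_csv)
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # headers, UDP rows (no State column), blank lines
        _, _, remote, state, pid = fields
        host, _, port = remote.rpartition(":")  # rpartition keeps "[::1]:80" intact
        host = host.strip("[]")
        if state != "ESTABLISHED" or host in LOOPBACK:
            continue
        name = names.get(pid, "<no process for pid>")
        if name not in expected:
            findings.append((name, pid, host, int(port)))
    return findings

if __name__ == "__main__":
    for f in unexpected_connections(NETSTAT, TASKLIST):
        print("review: %s (pid %s) -> %s:%d" % f)
```

A process-name match is only a first triage step; each flagged PID still needs its file path and publisher checked in a tool such as Process Explorer.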
Re: How do you detect a botnet? Impossible, right?
Did your antivirus catch any of them? Check the Quarantine or logs, where you can find a list of infections. You can schedule a full system scan each day to keep an eye on upcoming infections and ensure that your system stays safe. If somehow your PC becomes a part of a botnet, then that does not mean it is going to spread a keylogger in the entire network. Botnets are mostly used to derive a common function through a malicious file, and with powerful security audit tools you can locate them.
Re: How do you detect a botnet? Impossible, right?
Download a good port scanner. A number of antivirus programs come with powerful port scanner software that gives you the current information on ports open or closed. You can block the ones which are suspicious. It is correct that you have to inspect the log every time to locate some infection in the same.