|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical how many zombies? [was: Re: Anycast 101]
Not that it is really relevant to the original discussion, but here goes...there are some million-bot drone armies out there. with enough attackersI've heard that claim before, but I've yet to be convinced that those making it were doing more than speculating. It is not unreasonable to believe there are millions of bot drones, but that is not the same as an army under a single or even coordinated control structure. It is entirely possible to build armies of that size, but maintaining them over any length of time is probably quite difficult. I'd of course be interested to hear about any evidence to the contrary on or off list. John The biggest drone armies out there are at around 200K, currently. The bigger controllers/runners usually have drone armies of 50K - 80K size botnets. Most botnets are between a hundred and 10K drones. Today, in the Quakenet IRC network we see: There are 66360 users and 153169 invisible on 42 servers About a year ago that was about 50K users. Back then about 20K - 30K of those users were zombies. IRC growth is a known thing, but it doesn't grow exponentially. People come and go, while other chat medias slowly eat at the IRC. With such a growth, not taking into consideration hard facts (that I do have about several IRC networks, as there are a few big ones), and 1000 or so new malware a month (950 of which being Trojan horses that can be used for botnets, most of which are agobots, ircbots, spybots, etc. - IRC bots) one could assume, under the MOST restrictive terms that at least 80K users are drones. Again - this is hardly the only IRC network out there. Not all drone armies are run via IRC. And finally, there are many drone armies running on *private* IRC servers much like anonymous FTP's are being used to hold warez. Also note (although this is rather shaky as "fact"), that most IRC clients set the user's mode to +i (invisible) by default. Draw your own conclusions from the numbers above. As to actual facts.. off list if you will be interested, and once I know you better. Gadi.
|