Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Botnet Research SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Botnet Research
I'm doing some research into botnets and botnet sizes and am looking for some data from our readers.  What I'm trying to find are the average sizes of botnets and what their specific purpose was when they were found (DDoS, cracking credit cards, generating spam, DNS impersonation, etc.)  I don't need links to stories or conjecture about what you think might be out there, but specific information about botnets you have personal experience discovering or disabling.  If you want me to mention your name or if you want to remain anonymous, please tell me.  I'll compile the data that is sent in and post a story later this week with the results. 

This next statement might sound a bit nutty, but if you are a botmaster and don't mind sharing some of your experiences I'd like to hear them too.  How much are botnets currently worth?  Is there an active market to buy and sell them, who are the buyers, who are the sellers, etc.  I'm pretty sure that any botmasters reading this will want to remain anonymous and we'll honor your request.  Also, what direction are botnets going in?  In other words, we are familiar with DDoS and spamming botnets, so what is next?

Please send your data via the contact form rather than via direct email.  Thanks in advance for any information you forward to us.

Marcus Sachs
Director, SANS Internet Storm Center


301 Posts
ISC Handler
Oct 22nd 2006

Sign Up for Free or Log In to start participating in the conversation!