Follow Us

War on Error

Microsoft offers access to anti-botnet system



At last the world’s most effective but ignored digital police force, Microsoft, has said it plans to give third-parties including CERTs, ISPs and even foreign governments automated access to its formidable botnet intelligence feeds through an API.

As an article written up by a journalist attending the ICCS Conference in Washington reports, Microsoft's Digital Crimes Unit (DCU) has announced that it is beta testing a system to offer this from its “70-node cluster running the Apache Hadoop framework on top of Windows Server.”

The system is can best be described as a sort of realtime honeypot that attempts to connect to and monitor real botnetted PCs and servers across the Internet, gathering data in traffic patterns.

Microsoft will have a lot of data in this system already as anyone who has watched the company’s spectacular attacks on the Kelihos botnet last summer will attest, adding to similar campaigns against Rustock and Waledec, will vouch for.

Microsoft is not the only company running such a system but it is the only one willing to offer the data it collects to others in an automatic feed others can hook into for free.

The reason for this generosity is simple - Microsoft is not a company that makes its money from security. Its interest is in protecting the parts of the Internet - the PC - from which is makes its money.

If digital police forces had existed to kickstart this sort of initiative years ago perhaps botnets might not have become such a problem in the first place, but we are where we are.



Tags: microsoft

RSSSubscribe to this blog

More from Techworld

More relevant IT news

Contact Us

For editorial queries:
Mike Simons Mike_Simons@idg.co.uk

For website issues:
Email webmaster@techworld.com

For commercial queries
Russell Kearney russell_kearney@idg.co.uk


For more contact details click here.


Email this to a friend

* indicates mandatory field





Techworld White Papers

Optimising data protection for virtual environments

VM environments require the same level of data protection as does the physical server environment. Companies may use data protection tools built for the physical environment in the virtual world, but this has serious disadvantages.

Download Whitepaper

PCI Compliance: Are UK businesses ready?

Exploring the results of a recent survey, including: ? Levels of understanding of the standard ? Current perceptions of actual compliance status ? Attitudes toward addressing compliance

Download Whitepaper

Mobility Management for Dummies

Your complete guide to managing and securing mobile devices such as laptops and smartphones.

Download Whitepaper

Magic Quadrant for midrange and high-end NAS solutions

It is difficult to find one midrange or high-end NAS product that can cater to all needs. File systems embedded in NAS are often designed to solve one major pain point, with additional features being added later to broaden use cases and benefits.

Download Whitepaper

Techworld UK - Technology - Business

Oracle Video

Enabling agile and intelligent businesses

 Changing markets, competitive pressures and evolving customer needs are placing increasing pressure on IT to deliver greater flexibility and speed. Explore truly flexible SOA foundations with this Oracle video.

Watch
COLT White Paper

IT Misuse Survey

Complete this survey and you could win a Nexus One

Techworld are running a short survey to discover how UK businesses are managing Internet and email misuse in the Enterprise.

Complete Survey

Complete our survey and you could win a Sony E-book Reader.
Techworld have teamed up with HP to compile a survey relating to server virtualisation. Complete the short survey and you could be the lucky winner of a Sony E-book reader.

Complete the survey here

Site Map

Test