Today, botnet requires more than just static signature based security protection. The modern botnet is essentially a collection of proxies and hosts that are the battleground for attackers and their malicious objectives.
The compromised systems are called “bots” and tied to a command and control (C&C) server. The C&C server is used by attackers to send out instructions for the bots to execute. Once controlling the C&C server, attackers can wreak havoc of intranet by ultimately stealing data or running ransomware.
Botnet creates havoc in network and business at hand, including:
- Business extortion
- Enterprise resource consumption
- Data theft
- Malicious program execution
Hillstone, by adding layers of protection to your network, now offers botnet C&C prevention solution in the latest release of its Operating System (StoneOS), which including:
- Effectively discover intranet bots and prevent further attacks of advanced threats through comparison of information obtained with the C&C address database
- Regularly update the botnet server addresses
- Add prevention methods for C&C IP and domain addresses
- Support TCP, HTTP, and DNS traffic detection
- Add IP and domain whitelists
Note that this solution is available in the Base Version 5.5R5F2.