Scottsdale 2015

Scottsdale, AZ | Mon, Feb 16 - Sat, Feb 21, 2015

BYOB - Build Your Own Botnet

  • Francois Begin - Master's Candidate
  • Thursday, February 19th, 8:15pm - 8:55pm

Botnets represent a clear and present danger to information systems. They have evolved from simple spam factories tounderpinning massive criminal operations. Botnets are involved in credit card and identity theft, various forms of espionage, denial of service attacks, and other unsavory by-products of the new digital lifestyle that is prevalent in modern societies and emerging economies. Security professionals at any level cannot ignore this threat.

Having a better understanding of the inner workings of a botnet can lead to more efficient and judicious application of mitigation techniques. This presentation will show a working example of a botnet dubbed BieberBot. This botnet has been implemented in Java and PHP. The implementation includes a command and control infrastructure as well as botnet tracking and reporting capability. The BieberBot bots are also capable of eavesdropping on network traffic and capturing keyboard activity on compromised hosts.

This presentation is a revised and enhanced version of a GSEC Gold Paper originally published in 2011.

Speaker bio: Francois Begin is a Security Consultant for TELUS Communications, a large Canadian telco. In his current role, he does development, design and implementation of small, medium and large-scale security services for the corporate infrastructure. His last project was the replacement of TELUS' OTP infrastructure. Prior to joining the TELUS Chief Security Office, Francois worked as a Unix Systems Administrator and also spent almost a decade teaching mathematics at the high school level. Francois lives in Edmonton, Alberta where he tries his best to keep up with his two young kids and his lovely wife.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, February 16
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Monday, February 16th, 8:15am - 8:45am Special Events
APT: It is Time to Act Dr. Eric Cole Monday, February 16th, 7:15pm - 9:15pm Keynote
Tuesday, February 17
Session Speaker Time Type
Privileged Domain Account Protection: How to Limit Credentials Exposure Mike Pilkington Tuesday, February 17th, 7:15pm - 8:15pm SANS@Night
Information Security Risk Management - No Exceptions! Mark Williams Tuesday, February 17th, 8:15pm - 9:15pm SANS@Night
Wednesday, February 18
Session Speaker Time Type
The 13 Absolute Truths of Security Keith Palmgren Wednesday, February 18th, 7:15pm - 8:15pm SANS@Night
Continuous Monitoring - A Practical Example Randy Marchany Wednesday, February 18th, 8:15pm - 9:15pm SANS@Night
Thursday, February 19
Session Speaker Time Type
How to Give the Best Pen Test of Your Life Ed Skoudis Thursday, February 19th, 7:15pm - 8:15pm SANS@Night
Continuous Monitoring and Real-World Analysis Seth Misenar Thursday, February 19th, 8:15pm - 9:15pm SANS@Night
BYOB - Build Your Own Botnet Francois Begin - Master's Candidate Thursday, February 19th, 8:15pm - 8:55pm Master's Degree Presentation
Friday, February 20
Session Speaker Time Type
Debunking the Complex Password Myth Keith Palmgren Friday, February 20th, 7:15pm - 8:15pm SANS@Night