BYOB - Build Your Own Botnet
- Francois Begin - Master's Candidate
- Thursday, February 19th, 8:15pm - 8:55pm
Botnets represent a clear and present danger to information systems. They have evolved from simple spam factories tounderpinning massive criminal operations. Botnets are involved in credit card and identity theft, various forms of espionage, denial of service attacks, and other unsavory by-products of the new digital lifestyle that is prevalent in modern societies and emerging economies. Security professionals at any level cannot ignore this threat.
Having a better understanding of the inner workings of a botnet can lead to more efficient and judicious application of mitigation techniques. This presentation will show a working example of a botnet dubbed BieberBot. This botnet has been implemented in Java and PHP. The implementation includes a command and control infrastructure as well as botnet tracking and reporting capability. The BieberBot bots are also capable of eavesdropping on network traffic and capturing keyboard activity on compromised hosts.
This presentation is a revised and enhanced version of a GSEC Gold Paper originally published in 2011.
Speaker bio: Francois Begin is a Security Consultant for TELUS Communications, a large Canadian telco. In his current role, he does development, design and implementation of small, medium and large-scale security services for the corporate infrastructure. His last project was the replacement of TELUS' OTP infrastructure. Prior to joining the TELUS Chief Security Office, Francois worked as a Unix Systems Administrator and also spent almost a decade teaching mathematics at the high school level. Francois lives in Edmonton, Alberta where he tries his best to keep up with his two young kids and his lovely wife.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, February 16th, 8:15am - 8:45am||Special Events|
|APT: It is Time to Act||Dr. Eric Cole||Monday, February 16th, 7:15pm - 9:15pm||Keynote|
|Privileged Domain Account Protection: How to Limit Credentials Exposure||Mike Pilkington||Tuesday, February 17th, 7:15pm - 8:15pm||SANS@Night|
|Information Security Risk Management - No Exceptions!||Mark Williams||Tuesday, February 17th, 8:15pm - 9:15pm||SANS@Night|
|The 13 Absolute Truths of Security||Keith Palmgren||Wednesday, February 18th, 7:15pm - 8:15pm||SANS@Night|
|Continuous Monitoring - A Practical Example||Randy Marchany||Wednesday, February 18th, 8:15pm - 9:15pm||SANS@Night|
|How to Give the Best Pen Test of Your Life||Ed Skoudis||Thursday, February 19th, 7:15pm - 8:15pm||SANS@Night|
|Continuous Monitoring and Real-World Analysis||Seth Misenar||Thursday, February 19th, 8:15pm - 9:15pm||SANS@Night|
|BYOB - Build Your Own Botnet||Francois Begin - Master's Candidate||Thursday, February 19th, 8:15pm - 8:55pm||Master's Degree Presentation|
|Debunking the Complex Password Myth||Keith Palmgren||Friday, February 20th, 7:15pm - 8:15pm||SANS@Night|