On Sun, Mar 21, 2010 at 09:37:09PM +0000, James Bensley wrote: > On 19 March 2010 14:19, <valdis.kletni...@vt.edu> wrote: > You *do* realize that > > there's an estimated 140,000,000 bots on the net, right > > As many as that? Thats 1 in 12 according to > http://www.internetworldstats.com/stats.htm.
I think that estimate's a bit on the low side, but it's certainly very plausible, based on growth rates that have been observed over the past seven years. I think any estimate under 100M should be laughed out of the room, and that 200M is not unreasonable, although it's arguably edging toward the upper error bars. What's disconcerting about this -- well, actually there are a number of disconcerting things about this, but let me pick one -- is that our adversaries have convincingly demonstrated that they understand concepts like reserves, concealment, and misdirection. It's therefore entirely sensible to wonder how many system which are not presently displaying any externally-observable symptoms are in fact bots but are simply not being used as such -- for now. There is, by the way, no relief from this due to events like the recent bust of the Mariposa botnet (13M systems); all that means is that there are now 13M pre-compromised systems waiting for the first person clever enough to conscript them into *their* botnet. ---Rsk