This book challenged me more than any other book I've written. I felt that I needed
to bolster my opinions with those of other respected programmers and consultants.
I asked for many opinions, and published some of the responses. Thanks to Mike
Clark, Matt Raible, Andrew Hunt, Ramnivas Laddad, Brett McLaughlin, and Eitan
Suez for answering my questions.

In this paper we study the question of whether the technique
of botnet tracking can be extended to analyze and mitigate
P2P-based botnets. Roughly speaking, we adapt the three steps of
botnet tracking in the following way, using Storm Worm as a
case study: In the first step, we must get hold of a copy of the
bot binary. In the case of this botnet, we use spam traps to
collect Storm Worm-generated spam and client-side honeypots to
simulate the infection process.

The Throg task force struck the Terran Survey camp a few minutes after
dawn, without warning, and with a deadly precision which argued that
the aliens had fully reconnoitered and prepared that attack. Eye-searing
lances of energy lashed back and forth across the base with methodical
accuracy. And a single cowering witness, flattened on a ledge in the
heights above, knew that when the last of those yellow-red bolts fell,
nothing human would be left alive down there.