Command and control (malware): Difference between revisions

m Disambiguating links to Tor (link changed to Tor (anonymity network)) using DisamAssist.
hat
Line 1:
{{hatnote|For other uses of the term, see [[Command and control (disambiguation)]]}}
In the field of [[computer security]], '''command and control''' (C&C) infrastructure consists of [[server (computing)|server]]s and other technical infrastructure used to control [[malware]] in general, and, in particular, [[botnet]]s.
<ref>{{cite web|url=http://www.cpni.gov.uk/documents/publications/2014/2014-04-11-cc_qinetiq_report.pdf|title=Command & Control: Understanding, denying, detecting|publisher=[[Centre for the Protection of National Infrastructure]]|date=2014}}</ref><ref>{{cite web|url=http://www.commandfive.com/papers/C5_APT_C2InTheFifthDomain.pdf|title=Command and Control in the Fifth Domain|publisher=Command Five Pty Ltd|date=Feb 2012}}</ref> Command and control servers may be either directly controlled by the malware operators, or themselves run on hardware compromised by malware. [[Fast-flux DNS]] can be used as a way to make it difficult to track down the control servers, which may change from day to day. Control servers may also hop from DNS ___domain to DNS ___domain, with [[___domain generation algorithm]]s being used to create new DNS names for controller servers.<ref>{{cite web|url=http://www.pcworld.idg.com.au/article/417011/malware_increasingly_uses_dns_command_control_channel_avoid_detection_experts_say/|title=29 Feb 2015|work=PC World|title=Malware increasingly uses DNS as command and control channel to avoid detection, experts say}}</ref>
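Review bot: The last `{{cite web}}` on the final line carries two `title=` parameters, and the first one holds what looks like a date (`title=29 Feb 2015`), so one of the two values is lost when the template renders. Move that value to `date=` and check it against the source, since 2015 had no 29 February. In the same line, `DNS ___domain to DNS ___domain` and `[[___domain generation algorithm]]s` read as garbled forms of "domain"; as written, the wikilink will not resolve to the intended article. The first `<ref>` also starts on its own line after the sentence's full stop; placing it directly after the full stop keeps the footnote marker attached to the sentence it supports.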